rpms / ipa

Clone
Source Code
GIT

Files

  1.   ba521eaf9ebc94cec74d71e79851fcc0501c07da
  2.   SOURCES
  3.   0049-Stop-tracking-certificates-before-restoring-them-in-.patch
Blob Blame History Raw 
From 318a05f1564e95ae3516d7cfdb6cd7c03a87b87d Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Thu, 20 Nov 2014 13:57:46 +0000
Subject: [PATCH] Stop tracking certificates before restoring them in
 ipa-restore

https://fedorahosted.org/freeipa/ticket/4727

Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
---
 ipaserver/install/ipa_restore.py | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py
index f290bae4dc6455bb22c4e726e72efe98205d970e..9cb978a516f4f85307735b7428f6053461061022 100644
--- a/ipaserver/install/ipa_restore.py
+++ b/ipaserver/install/ipa_restore.py
@@ -26,7 +26,7 @@ import pwd
 from ConfigParser import SafeConfigParser
 
 from ipalib import api, errors
-from ipapython import version, ipautil, certdb
+from ipapython import version, ipautil, certdb, dogtag
 from ipapython.ipautil import run, user_input
 from ipapython import admintool
 from ipapython.dn import DN
@@ -36,7 +36,7 @@ from ipaserver.install.cainstance import PKI_USER, create_ca_user
 from ipaserver.install.replication import (wait_for_task, ReplicationManager,
                                            get_cs_replication_manager)
 from ipaserver.install import installutils
-from ipaserver.install import httpinstance
+from ipaserver.install import dsinstance, httpinstance, cainstance
 from ipapython import ipaldap
 import ipapython.errors
 from ipaplatform.tasks import tasks
@@ -676,6 +676,12 @@ class Restore(admintool.AdminTool):
             self.log.error('%s', e)
 
     def cert_restore_prepare(self):
+        cainstance.stop_tracking_certificates(
+            dogtag.configured_constants())
+        httpinstance.HTTPInstance().stop_tracking_certificates()
+        dsinstance.DsInstance().stop_tracking_certificates(
+            realm_to_serverid(api.env.realm))
+
         for basename in ('cert8.db', 'key3.db', 'secmod.db', 'pwdfile.txt'):
             filename = os.path.join(paths.IPA_NSSDB_DIR, basename)
             try:
@@ -705,3 +711,5 @@ class Restore(admintool.AdminTool):
                             (nickname, paths.IPA_NSSDB_DIR, e))
 
         tasks.reload_systemwide_ca_store()
+
+        services.knownservices.certmonger.restart()
-- 
2.1.0

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation