2009-04-22 13:35:43 -05:00
|
|
|
# Authors: Rob Crittenden <rcritten@redhat.com>
|
|
|
|
#
|
|
|
|
# Copyright (C) 2009 Red Hat
|
|
|
|
# see file 'COPYING' for use and warranty information
|
|
|
|
#
|
2010-12-09 06:59:11 -06:00
|
|
|
# This program is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
# (at your option) any later version.
|
2009-04-22 13:35:43 -05:00
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
2010-12-09 06:59:11 -06:00
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2009-04-22 13:35:43 -05:00
|
|
|
#
|
|
|
|
|
2014-09-18 09:28:59 -05:00
|
|
|
import os
|
|
|
|
|
|
|
|
from ipaplatform.paths import paths
|
|
|
|
from ipapython import ipautil
|
|
|
|
|
2010-11-01 12:51:14 -05:00
|
|
|
CA_NICKNAME_FMT = "%s IPA CA"
|
2014-09-18 09:28:59 -05:00
|
|
|
|
|
|
|
|
2010-11-01 12:51:14 -05:00
|
|
|
def get_ca_nickname(realm, format=CA_NICKNAME_FMT):
|
|
|
|
return format % realm
|
2014-09-18 09:28:59 -05:00
|
|
|
|
|
|
|
|
|
|
|
def create_ipa_nssdb():
|
|
|
|
pwdfile = os.path.join(paths.IPA_NSSDB_DIR, 'pwdfile.txt')
|
|
|
|
|
|
|
|
ipautil.backup_file(pwdfile)
|
|
|
|
ipautil.backup_file(os.path.join(paths.IPA_NSSDB_DIR, 'cert8.db'))
|
|
|
|
ipautil.backup_file(os.path.join(paths.IPA_NSSDB_DIR, 'key3.db'))
|
|
|
|
ipautil.backup_file(os.path.join(paths.IPA_NSSDB_DIR, 'secmod.db'))
|
|
|
|
|
|
|
|
with open(pwdfile, 'w') as f:
|
|
|
|
f.write(ipautil.ipa_generate_password(pwd_len=40))
|
|
|
|
os.chmod(pwdfile, 0600)
|
|
|
|
|
|
|
|
ipautil.run([paths.CERTUTIL,
|
|
|
|
"-N",
|
|
|
|
"-d", paths.IPA_NSSDB_DIR,
|
|
|
|
"-f", pwdfile])
|
|
|
|
os.chmod(os.path.join(paths.IPA_NSSDB_DIR, 'cert8.db'), 0644)
|
|
|
|
os.chmod(os.path.join(paths.IPA_NSSDB_DIR, 'key3.db'), 0644)
|
|
|
|
os.chmod(os.path.join(paths.IPA_NSSDB_DIR, 'secmod.db'), 0644)
|