backup,restore: Don't overwrite /etc/{passwd,group}

The /etc/passwd and /etc/group files are not saved and restored. The DS user is always created on restore, and the PKI user is created if a CA is being restored. https://fedorahosted.org/freeipa/ticket/3866 Reviewed-By: Tomas Babej <tbabej@redhat.com>
2025-02-25 18:55:28 -06:00 · 2014-07-29 12:41:25 +02:00 · 2014-07-29 12:41:25 +02:00 · 06566cb62b
commit 06566cb62b
parent 5fef2ecb39
2 changed files with 3 additions and 3 deletions
--- a/ipaserver/install/ipa_backup.py
+++ b/ipaserver/install/ipa_backup.py
@ -149,8 +149,6 @@ class Backup(admintool.AdminTool):
        paths.SSHD_CONFIG,
        paths.SSH_CONFIG,
        paths.KRB5_CONF,
-        paths.GROUP,
-        paths.PASSWD,
        CACERT,
        paths.IPA_DEFAULT_CONF,
        paths.DS_KEYTAB,
--- a/ipaserver/install/ipa_restore.py
+++ b/ipaserver/install/ipa_restore.py
@ -32,7 +32,7 @@ from ipapython import admintool
 from ipapython.dn import DN
 from ipaserver.install.dsinstance import (realm_to_serverid,
                                          create_ds_user, DS_USER)
-from ipaserver.install.cainstance import PKI_USER
+from ipaserver.install.cainstance import PKI_USER, create_ca_user
 from ipaserver.install.replication import (wait_for_task, ReplicationManager,
                                           get_cs_replication_manager)
 from ipaserver.install import installutils
@ -265,6 +265,8 @@ class Restore(admintool.AdminTool):

            # We do either a full file restore or we restore data.
            if self.backup_type == 'FULL' and not options.data_only:
+                if 'CA' in self.backup_services:
+                    create_ca_user()
                if options.online:
                    raise admintool.ScriptError('File restoration cannot be done online.')
                self.file_restore(options.no_logs)