ipa-kra-install must create directory if it does not exist

ipa-kra-install creates an admin cert file in /root/.dogtag/pki-tomcat/ca_admin.cert but does not check that the parent directory exists. This situation can happen when uninstall + restore has been run. The fix creates the directory if not present. https://fedorahosted.org/freeipa/ticket/6606 Reviewed-By: Christian Heimes <cheimes@redhat.com>
2025-02-25 18:55:28 -06:00 · 2017-01-24 16:55:07 +01:00 · 2017-01-24 16:55:07 +01:00 · 066f5b7c90
commit 066f5b7c90
parent 5de70e3199
1 changed files with 4 additions and 0 deletions
--- a/ipaserver/install/krainstance.py
+++ b/ipaserver/install/krainstance.py
@ -259,6 +259,10 @@ class KRAInstance(DogtagInstance):
        else:
            # the admin cert file is needed for the first instance of KRA
            cert = DogtagInstance.get_admin_cert(self)
+            # First make sure that the directory exists
+            parentdir = os.path.dirname(paths.ADMIN_CERT_PATH)
+            if not os.path.exists(parentdir):
+                os.makedirs(parentdir)
            with open(paths.ADMIN_CERT_PATH, "w") as admin_path:
                admin_path.write(cert)