Remove stale kdc requests info files when upgrading IPA server

Added removing of stale /var/lib/sss/pubconf/kdcinfo.* and /var/lib/sss/pubconf/kpasswdinfo.* files generated by SSSD during IPA server upgrade.

Fixes: https://pagure.io/freeipa/issue/7578
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>

ipaplatform/base/paths.py

@@ -300,6 +300,7 @@ class BasePathNamespace:
     SSSD_DB = "/var/lib/sss/db"
     SSSD_MC_GROUP = "/var/lib/sss/mc/group"
     SSSD_MC_PASSWD = "/var/lib/sss/mc/passwd"
+    SSSD_PUBCONF_DIR = "/var/lib/sss/pubconf"
     SSSD_PUBCONF_KNOWN_HOSTS = "/var/lib/sss/pubconf/known_hosts"
     SSSD_PUBCONF_KRB5_INCLUDE_D_DIR = "/var/lib/sss/pubconf/krb5.include.d/"
     VAR_LOG_AUDIT = "/var/log/audit/audit.log"

ipaserver/install/server/upgrade.py

@@ -8,6 +8,7 @@ import errno
 import logging
 import re
 import os
+import glob
 import shutil
 import pwd
 import fileinput
@@ -304,6 +305,15 @@ def cleanup_dogtag():
         instance.clean_pkispawn_files()
 
 
+def cleanup_kdcinfo():
+    """ Remove stale kdcinfo.*|kpasswdinfo.* files generated by SSSD """
+
+    for pattern in ('kdcinfo.*', 'kpasswdinfo.*'):
+        for fname in glob.glob(os.path.join(paths.SSSD_PUBCONF_DIR, pattern)):
+            logger.debug('Removing stale info file %s', fname)
+            os.unlink(fname)
+
+
 def upgrade_adtrust_config():
     """
     Upgrade 'dedicated keytab file' in smb.conf to omit FILE: prefix
@@ -1418,6 +1428,8 @@ def sssd_update():
         )
     # enable and configure IFP plugin
     sssd_enable_ifp(sssdconfig, allow_httpd=flag)
+    # clean stale files generated by sssd
+    cleanup_kdcinfo()
     # write config and restart service
     sssdconfig.write(paths.SSSD_CONF)
     sssd = services.service('sssd', api)