IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Remove stale kdc requests info files when upgrading IPA server

Browse Source 
Added removing of stale /var/lib/sss/pubconf/kdcinfo.* and /var/lib/sss/pubconf/kpasswdinfo.* files generated by SSSD during IPA server upgrade.

Fixes: https://pagure.io/freeipa/issue/7578
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Oleg Kozlov
2018-12-20 17:16:08 +01:00
parent c0fd5e39c7
commit 0e5a8fbb9b
2 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ipaplatform/base/paths.py
View File

@@ -300,6 +300,7 @@ class BasePathNamespace:
SSSD_DB = "/var/lib/sss/db" SSSD_DB = "/var/lib/sss/db"
SSSD_MC_GROUP = "/var/lib/sss/mc/group" SSSD_MC_GROUP = "/var/lib/sss/mc/group"
SSSD_MC_PASSWD = "/var/lib/sss/mc/passwd" SSSD_MC_PASSWD = "/var/lib/sss/mc/passwd"
SSSD_PUBCONF_DIR = "/var/lib/sss/pubconf"
SSSD_PUBCONF_KNOWN_HOSTS = "/var/lib/sss/pubconf/known_hosts" SSSD_PUBCONF_KNOWN_HOSTS = "/var/lib/sss/pubconf/known_hosts"
SSSD_PUBCONF_KRB5_INCLUDE_D_DIR = "/var/lib/sss/pubconf/krb5.include.d/" SSSD_PUBCONF_KRB5_INCLUDE_D_DIR = "/var/lib/sss/pubconf/krb5.include.d/"
VAR_LOG_AUDIT = "/var/log/audit/audit.log" VAR_LOG_AUDIT = "/var/log/audit/audit.log"

12
ipaserver/install/server/upgrade.py
View File

@@ -8,6 +8,7 @@ import errno
import logging import logging
import re import re
import os import os
import glob
import shutil import shutil
import pwd import pwd
import fileinput import fileinput
@@ -304,6 +305,15 @@ def cleanup_dogtag():
instance.clean_pkispawn_files() instance.clean_pkispawn_files()
def cleanup_kdcinfo():
""" Remove stale kdcinfo.*|kpasswdinfo.* files generated by SSSD """
for pattern in ('kdcinfo.*', 'kpasswdinfo.*'):
for fname in glob.glob(os.path.join(paths.SSSD_PUBCONF_DIR, pattern)):
logger.debug('Removing stale info file %s', fname)
os.unlink(fname)
def upgrade_adtrust_config(): def upgrade_adtrust_config():
""" """
Upgrade 'dedicated keytab file' in smb.conf to omit FILE: prefix Upgrade 'dedicated keytab file' in smb.conf to omit FILE: prefix
@@ -1418,6 +1428,8 @@ def sssd_update():
) )
# enable and configure IFP plugin # enable and configure IFP plugin
sssd_enable_ifp(sssdconfig, allow_httpd=flag) sssd_enable_ifp(sssdconfig, allow_httpd=flag)
# clean stale files generated by sssd
cleanup_kdcinfo()
# write config and restart service # write config and restart service
sssdconfig.write(paths.SSSD_CONF) sssdconfig.write(paths.SSSD_CONF)
sssd = services.service('sssd', api) sssd = services.service('sssd', api)