Keep owner when backing up CA.cfg

DogtagInstance.backup_config uses shutil.copy to create a backup of the
config file. The function does not retain owner and group, so it creates a
backup as user and group root:root.

Closes: https://pagure.io/freeipa/issue/7426
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Alexey Slaykovsky <alexey@slaykovsky.com>

ipaserver/install/dogtaginstance.py

@@ -469,8 +469,12 @@ class DogtagInstance(service.Service):
         """
         Create a backup copy of CS.cfg
         """
-        path = self.config
+        config = self.config
+        bak = config + '.ipabkp'
         if services.knownservices['pki_tomcatd'].is_running('pki-tomcat'):
             raise RuntimeError(
-                "Dogtag must be stopped when creating backup of %s" % path)
-        shutil.copy(path, path + '.ipabkp')
+                "Dogtag must be stopped when creating backup of %s" % config)
+        shutil.copy(config, bak)
+        # shutil.copy() doesn't copy owner
+        s = os.stat(config)
+        os.chown(bak, s.st_uid, s.st_gid)