Configure certmonger to execute restart scripts on renewal.

certmonger now has the ability to execute a script when it renews a
certificate. This can be used to automatically restart servers so
the certificate doesn't expire in the running server.

https://fedorahosted.org/freeipa/ticket/2050

install/restart_scripts/Makefile.am

@@ -0,0 +1,15 @@
+NULL =
+
+appdir = $(libdir)/ipa/certmonger
+app_DATA =                              \
+	restart_dirsrv			\
+	restart_httpd			\
+	$(NULL)
+
+EXTRA_DIST =                            \
+        $(app_DATA)                     \
+        $(NULL)
+
+MAINTAINERCLEANFILES =                  \
+        *~                              \
+        Makefile.in

install/restart_scripts/README

@@ -0,0 +1,2 @@
+This directory contains scripts to be used by the command (-C) option
+of certmonger to restart services when the certificates are renewed.

install/restart_scripts/restart_dirsrv

@@ -0,0 +1,13 @@
+#!/usr/bin/python -E
+import sys
+from ipapython import services as ipaservices
+
+try:
+    instance = sys.argv[1]
+except IndexError:
+    instance = ""
+
+try:
+    ipaservices.knownservices.dirsrv.restart(instance)
+except Exception, e:
+    print "Cannot restart dirsrv (instance: '%s'): %s" % (instance, str(e))

install/restart_scripts/restart_httpd

@@ -0,0 +1,7 @@
+#!/usr/bin/python -E
+from ipapython import services as ipaservices
+
+try:
+    ipaservices.knownservices.httpd.restart()
+except Exception, e:
+    print "Cannot restart httpd: %s" % str(e)