Specify PKI installation log paths

The DogtagInstance.spawn_instance() and uninstall() have been modified to specify the paths of PKI installation logs using --log-file option on PKI 11.0.0 or later. This allows IPA to have a full control over the log files instead of relying on PKI's default log files. Fixes: https://pagure.io/freeipa/issue/8966 Signed-off-by: Endi Sukma Dewata <edewata@redhat.com> Reviewed-By: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: François Cami <fcami@redhat.com>
2025-01-26 16:16:31 -06:00 · 2021-08-12 13:26:42 -05:00 · 2021-08-12 13:26:42 -05:00 · d5672a9749
commit d5672a9749
parent 7b5ef8aede
1 changed files with 32 additions and 3 deletions
--- a/ipaserver/install/dogtaginstance.py
+++ b/ipaserver/install/dogtaginstance.py
@ -36,8 +36,10 @@ from configparser import DEFAULTSECT, ConfigParser, RawConfigParser

 import six

+import pki
 from pki.client import PKIConnection
 import pki.system
+import pki.util

 from ipalib import api, errors, x509
 from ipalib.install import certmonger
@ -202,6 +204,18 @@ class DogtagInstance(service.Service):
                "-f", cfg_file,
                "--debug"]

+        # specify --log-file <path> on PKI 11.0.0 or later
+
+        pki_version = pki.util.Version(pki.specification_version())
+        if pki_version >= pki.util.Version("11.0.0"):
+            timestamp = time.strftime(
+                "%Y%m%d%H%M%S",
+                time.localtime(time.time()))
+            log_file = os.path.join(
+                paths.VAR_LOG_PKI_DIR,
+                "pki-%s-spawn.%s.log" % (self.subsystem.lower(), timestamp))
+            args.extend(["--log-file", log_file])
+
        with open(cfg_file) as f:
            logger.debug(
                'Contents of pkispawn configuration file (%s):\n%s',
@ -290,10 +304,25 @@ class DogtagInstance(service.Service):
        if self.is_installed():
            self.print_msg("Unconfiguring %s" % self.subsystem)

+        args = [paths.PKIDESTROY,
+                "-i", "pki-tomcat",
+                "-s", self.subsystem]
+
+        # specify --log-file <path> on PKI 11.0.0 or later
+
+        pki_version = pki.util.Version(pki.specification_version())
+        if pki_version >= pki.util.Version("11.0.0"):
+            timestamp = time.strftime(
+                "%Y%m%d%H%M%S",
+                time.localtime(time.time()))
+            log_file = os.path.join(
+                paths.VAR_LOG_PKI_DIR,
+                "pki-%s-destroy.%s.log" % (self.subsystem.lower(), timestamp))
+            args.extend(["--log-file", log_file])
+
        try:
-            ipautil.run([paths.PKIDESTROY,
-                         "-i", 'pki-tomcat',
-                         "-s", self.subsystem])
+            ipautil.run(args)
+
        except ipautil.CalledProcessError as e:
            logger.critical("failed to uninstall %s instance %s",
                            self.subsystem, e)