Keep Dogtag's client db in external CA step 1

Don't remove /root/.dogtag/pki-tomcat when performing step 1 of external CA installation process. Dogtag 10.6.7 changed behavior and no longer re-creates the client database in step 2. Fixes: https://pagure.io/freeipa/issue/7742 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2025-02-25 18:55:28 -06:00 · 2018-10-26 18:12:29 +02:00
parent 2e7f3d1d0d
commit ec54fa7712
2 changed files with 11 additions and 4 deletions
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -480,7 +480,12 @@ class CAInstance(DogtagInstance):
        try:
            self.start_creation(runtime=runtime)
        finally:
-            self.clean_pkispawn_files()
+            if self.external == 1:
+                # Don't remove client DB in external CA step 1
+                # https://pagure.io/freeipa/issue/7742
+                logger.debug("Keep pkispawn files for step 2")
+            else:
+                self.clean_pkispawn_files()

    def __spawn_instance(self):
        """
--- a/ipaserver/install/dogtaginstance.py
+++ b/ipaserver/install/dogtaginstance.py
@@ -167,11 +167,13 @@ class DogtagInstance(service.Service):

    def clean_pkispawn_files(self):
        if self.tmp_agent_db is not None:
+            logger.debug("Removing %s", self.tmp_agent_db)
            shutil.rmtree(self.tmp_agent_db, ignore_errors=True)

-        shutil.rmtree('/root/.dogtag/pki-tomcat/{subsystem}/'
-                      .format(subsystem=self.subsystem.lower()),
-                      ignore_errors=True)
+        client_dir = os.path.join(
+            '/root/.dogtag/pki-tomcat/', self.subsystem.lower())
+        logger.debug("Removing %s", client_dir)
+        shutil.rmtree(client_dir, ignore_errors=True)

    def restart_instance(self):
        self.restart('pki-tomcat')