Add ODS manager abstraction to ipaplatform

OpenDNSSEC 1.4 and 2.x use different commands to initialize kasp.db and manage zones. ipaplatform.tasks abstracts the commands. Note: I added the logic to the base task instead of having different implementations for Red Hat and Debian platforms. Eventually Fedora is going to move to OpenDNSSEC 2.x, too. The design will make it easier to support OpenDNSSEC 2.x on Fedora. Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2025-02-25 18:55:28 -06:00 · 2019-04-18 08:02:38 +02:00
parent 8592603ea3
commit edaea8865f
5 changed files with 46 additions and 25 deletions
--- a/ipaserver/install/opendnssecinstance.py
+++ b/ipaserver/install/opendnssecinstance.py
@@ -21,6 +21,7 @@ from ipapython import ipautil
 from ipaplatform import services
 from ipaplatform.constants import constants
 from ipaplatform.paths import paths
+from ipaplatform.tasks import tasks
 from ipalib import errors, api
 from ipaserver import p11helper
 from ipalib.constants import SOFTHSM_DNSSEC_TOKEN_LABEL
@@ -279,11 +280,6 @@ class OpenDNSSECInstance(service.Service):
        if not self.fstore.has_file(paths.OPENDNSSEC_KASP_DB):
            self.fstore.backup_file(paths.OPENDNSSEC_KASP_DB)

-        if paths.ODS_ENFORCER is not None:
-            ods_cmd = paths.ODS_ENFORCER
-        else:
-            ods_cmd = paths.ODS_KSMUTIL
-
        if self.kasp_db_file:
            # copy user specified kasp.db to proper location and set proper
            # privileges
@@ -292,20 +288,16 @@ class OpenDNSSECInstance(service.Service):
            os.chmod(paths.OPENDNSSEC_KASP_DB, 0o660)

            # regenerate zonelist.xml
-            cmd = [ods_cmd, 'zonelist', 'export']
-            result = ipautil.run(
-                cmd, runas=constants.ODS_USER, capture_output=True
+            result = tasks.run_ods_manager(
+                ['zonelist', 'export'], capture_output=True
            )
-            if paths.ODS_ENFORCER is not None:
-                with open(paths.OPENDNSSEC_ZONELIST_FILE, 'w') as f:
-                    f.write(result.output)
-                    os.fchown(f.fileno(), self.ods_uid, self.ods_gid)
-                    os.fchmod(f.fileno(), 0o660)
-
+            with open(paths.OPENDNSSEC_ZONELIST_FILE, 'w') as f:
+                f.write(result.output)
+                os.fchown(f.fileno(), self.ods_uid, self.ods_gid)
+                os.fchmod(f.fileno(), 0o660)
        else:
            # initialize new kasp.db
-            cmd = [ods_cmd, 'setup']
-            ipautil.run(cmd, stdin="y", runas=constants.ODS_USER)
+            tasks.run_ods_setup()

    def __setup_dnskeysyncd(self):
        # set up dnskeysyncd this is DNSSEC master