URL: https://github.com/freeipa/freeipa/pull/2709 Author: xxblx Title: #2709: [Backport][ipa-4-6] Remove stale kdc requests info files when upgrading IPA server Action: opened
PR body: """ This PR was opened automatically because PR #2707 was pushed to master and backport to ipa-4-6 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2709/head:pr2709 git checkout pr2709
From c5b6adca59ab3dffcc8209a98e3e760ee6e4a8db Mon Sep 17 00:00:00 2001 From: Oleg Kozlov <okoz...@redhat.com> Date: Fri, 21 Dec 2018 16:18:29 +0100 Subject: [PATCH] Remove stale kdc requests info files when upgrading IPA server Added removing of stale /var/lib/sss/pubconf/kdcinfo.* and /var/lib/sss/pubconf/kpasswdinfo.* files generated by SSSD during IPA server upgrade. Fixes: https://pagure.io/freeipa/issue/7578 --- ipaplatform/base/paths.py | 1 + ipaserver/install/server/upgrade.py | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py index 2b21eceb76..f1327daa11 100644 --- a/ipaplatform/base/paths.py +++ b/ipaplatform/base/paths.py @@ -293,6 +293,7 @@ class BasePathNamespace(object): SSSD_DB = "/var/lib/sss/db" SSSD_MC_GROUP = "/var/lib/sss/mc/group" SSSD_MC_PASSWD = "/var/lib/sss/mc/passwd" + SSSD_PUBCONF_DIR = "/var/lib/sss/pubconf" SSSD_PUBCONF_KNOWN_HOSTS = "/var/lib/sss/pubconf/known_hosts" SSSD_PUBCONF_KRB5_INCLUDE_D_DIR = "/var/lib/sss/pubconf/krb5.include.d/" VAR_LOG_AUDIT = "/var/log/audit/audit.log" diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py index 308deffcff..1aff263eaa 100644 --- a/ipaserver/install/server/upgrade.py +++ b/ipaserver/install/server/upgrade.py @@ -8,6 +8,7 @@ import logging import re import os +import glob import shutil import pwd import fileinput @@ -319,6 +320,15 @@ def cleanup_dogtag(): instance.clean_pkispawn_files() +def cleanup_kdcinfo(): + """ Remove stale kdcinfo.*|kpasswdinfo.* files generated by SSSD """ + + for pattern in ('kdcinfo.*', 'kpasswdinfo.*'): + for fname in glob.glob(os.path.join(paths.SSSD_PUBCONF_DIR, pattern)): + logger.debug('Removing stale info file %s', fname) + os.unlink(fname) + + def upgrade_adtrust_config(): """ Upgrade 'dedicated keytab file' in smb.conf to omit FILE: prefix @@ -1403,6 +1413,8 @@ def sssd_update(): sssdconfig.save_domain(domain) # enable and configure IFP plugin sssd_enable_ifp(sssdconfig) + # clean stale files generated by sssd + cleanup_kdcinfo() # write config and restart service sssdconfig.write(paths.SSSD_CONF) sssd = services.service('sssd', api)
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
