URL: https://github.com/freeipa/freeipa/pull/2710 Author: xxblx Title: #2710: [Backport][ipa-4-7] Remove stale kdc requests info files when upgrading IPA server Action: opened
PR body: """ This PR was opened automatically because PR #2707 was pushed to master and backport to ipa-4-7 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2710/head:pr2710 git checkout pr2710
From fe85837026924690466bb3feb516019f94356bae Mon Sep 17 00:00:00 2001 From: Oleg Kozlov <okoz...@redhat.com> Date: Fri, 21 Dec 2018 17:58:57 +0100 Subject: [PATCH] Remove stale kdc requests info files when upgrading IPA server Added removing of stale /var/lib/sss/pubconf/kdcinfo.* and /var/lib/sss/pubconf/kpasswdinfo.* files generated by SSSD during IPA server upgrade. Fixes: https://pagure.io/freeipa/issue/7578 --- ipaplatform/base/paths.py | 1 + ipaserver/install/server/upgrade.py | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py index 8c1d44f8bb..c474c236d1 100644 --- a/ipaplatform/base/paths.py +++ b/ipaplatform/base/paths.py @@ -312,6 +312,7 @@ class BasePathNamespace(object): SSSD_DB = "/var/lib/sss/db" SSSD_MC_GROUP = "/var/lib/sss/mc/group" SSSD_MC_PASSWD = "/var/lib/sss/mc/passwd" + SSSD_PUBCONF_DIR = "/var/lib/sss/pubconf" SSSD_PUBCONF_KNOWN_HOSTS = "/var/lib/sss/pubconf/known_hosts" SSSD_PUBCONF_KRB5_INCLUDE_D_DIR = "/var/lib/sss/pubconf/krb5.include.d/" VAR_LOG_AUDIT = "/var/log/audit/audit.log" diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py index 02ffaa10b9..18c2583557 100644 --- a/ipaserver/install/server/upgrade.py +++ b/ipaserver/install/server/upgrade.py @@ -8,6 +8,7 @@ import logging import re import os +import glob import shutil import pwd import fileinput @@ -304,6 +305,15 @@ def cleanup_dogtag(): instance.clean_pkispawn_files() +def cleanup_kdcinfo(): + """ Remove stale kdcinfo.*|kpasswdinfo.* files generated by SSSD """ + + for pattern in ('kdcinfo.*', 'kpasswdinfo.*'): + for fname in glob.glob(os.path.join(paths.SSSD_PUBCONF_DIR, pattern)): + logger.debug('Removing stale info file %s', fname) + os.unlink(fname) + + def upgrade_adtrust_config(): """ Upgrade 'dedicated keytab file' in smb.conf to omit FILE: prefix @@ -1418,6 +1428,8 @@ def sssd_update(): ) # enable and configure IFP plugin sssd_enable_ifp(sssdconfig, allow_httpd=flag) + # clean stale files generated by sssd + cleanup_kdcinfo() # write config and restart service sssdconfig.write(paths.SSSD_CONF) sssd = services.service('sssd', api)
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org