[Freeipa-devel] [freeipa PR#569][synchronized] Remove copy-schema-to-ca.py from master branch
URL: https://github.com/freeipa/freeipa/pull/569
Author: MartinBasti
Title: #569: Remove copy-schema-to-ca.py from master branch
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/569/head:pr569
git checkout pr569
From 6493e18e50220a01b50f2b6df8b75acc3745ec5f Mon Sep 17 00:00:00 2001
From: Martin Basti
Date: Fri, 10 Mar 2017 13:30:43 +0100
Subject: [PATCH 1/2] Remove copy-schema-to-ca.py from master branch
This script is used only for IPA <3.1, so it must be compatible with
ipa-3-0 branch, so it should be placed there
https://pagure.io/freeipa/issue/6540
---
freeipa.spec.in| 1 -
install/share/Makefile.am | 1 -
install/share/copy-schema-to-ca.py | 126 -
ipaserver/install/cainstance.py| 6 +-
4 files changed, 2 insertions(+), 132 deletions(-)
delete mode 100755 install/share/copy-schema-to-ca.py
diff --git a/freeipa.spec.in b/freeipa.spec.in
index db591e0..4d991d4 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -1221,7 +1221,6 @@ fi
# END
%dir %{_usr}/share/ipa
%{_usr}/share/ipa/wsgi.py*
-%{_usr}/share/ipa/copy-schema-to-ca.py*
%{_usr}/share/ipa/*.ldif
%{_usr}/share/ipa/*.uldif
%{_usr}/share/ipa/*.template
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index 1e8f0d5..9e539a3 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -81,7 +81,6 @@ dist_app_DATA =\
automember.ldif \
replica-automember.ldif \
replica-s4u2proxy.ldif \
- copy-schema-to-ca.py \
sasl-mapping-fallback.ldif \
schema-update.ldif \
vault.ldif \
diff --git a/install/share/copy-schema-to-ca.py b/install/share/copy-schema-to-ca.py
deleted file mode 100755
index 4daed6f..000
--- a/install/share/copy-schema-to-ca.py
+++ /dev/null
@@ -1,126 +0,0 @@
-#! /usr/bin/python2
-
-"""Copy the IPA schema to the CA directory server instance
-
-You need to run this script to prepare a 2.2 or 3.0 IPA master for
-installation of a 3.1 replica.
-
-Once a 3.1 replica is in the domain, every older CA master will emit schema
-replication errors until this script is run on it.
-
-"""
-
-import os
-import sys
-import pwd
-import shutil
-
-from hashlib import sha1
-
-from ipaplatform.paths import paths
-from ipapython import ipautil
-from ipapython.ipa_log_manager import root_logger, standard_logging_setup
-from ipaserver.install.dsinstance import schema_dirname
-from ipalib import api
-
-try:
-# BE CAREFUL when using the constants module - you need to define all
-# the constants separately because of old IPA installations
-from ipaplatform.constants import constants
-PKI_USER = constants.PKI_USER
-DS_USER = constants.DS_USER
-except ImportError:
-# oh dear, this is an old IPA (3.0+)
-from ipaserver.install.dsinstance import DS_USER #pylint: disable=E0611
-from ipaserver.install.cainstance import PKI_USER #pylint: disable=E0611
-
-try:
-from ipaplatform import services
-except ImportError:
-from ipapython import services # pylint: disable=no-name-in-module
-
-SERVERID = "PKI-IPA"
-SCHEMA_FILENAMES = (
-"60kerberos.ldif",
-"60samba.ldif",
-"60ipaconfig.ldif",
-"60basev2.ldif",
-"60basev3.ldif",
-"60ipadns.ldif",
-"61kerberos-ipav3.ldif",
-"65ipacertstore.ldif",
-"65ipasudo.ldif",
-"70ipaotp.ldif",
-"05rfc2247.ldif",
-)
-
-
-def _sha1_file(filename):
-with open(filename, 'rb') as f:
-return sha1(f.read()).hexdigest()
-
-
-def add_ca_schema():
-"""Copy IPA schema files into the CA DS instance
-"""
-pki_pent = pwd.getpwnam(PKI_USER)
-ds_pent = pwd.getpwnam(DS_USER)
-for schema_fname in SCHEMA_FILENAMES:
-source_fname = os.path.join(paths.USR_SHARE_IPA_DIR, schema_fname)
-target_fname = os.path.join(schema_dirname(SERVERID), schema_fname)
-if not os.path.exists(source_fname):
-root_logger.debug('File does not exist: %s', source_fname)
-continue
-if os.path.exists(target_fname):
-target_sha1 = _sha1_file(target_fname)
-source_sha1 = _sha1_file(source_fname)
-if target_sha1 != source_sha1:
-target_size = os.stat(target_fname).st_size
-source_size = os.stat(source_fname).st_size
-root_logger.info('Target file %s exists but the content is '
- 'different', target_fname)
-root_logger.info('\tTarget file: sha1: %s, size: %s B',
- target_sha1, target_size)
-root_logger.info('\tSource file: sha1: %s, size: %s B',
- source_sha1, source_size)
-if not ipautil.user_input("Do you want replace %s file?" %
- target_fname, True):
-continue
-
-else:
-root_
[Freeipa-devel] [freeipa PR#569][synchronized] Remove copy-schema-to-ca.py from master branch
URL: https://github.com/freeipa/freeipa/pull/569
Author: MartinBasti
Title: #569: Remove copy-schema-to-ca.py from master branch
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/569/head:pr569
git checkout pr569
From 6493e18e50220a01b50f2b6df8b75acc3745ec5f Mon Sep 17 00:00:00 2001
From: Martin Basti
Date: Fri, 10 Mar 2017 13:30:43 +0100
Subject: [PATCH 1/2] Remove copy-schema-to-ca.py from master branch
This script is used only for IPA <3.1, so it must be compatible with
ipa-3-0 branch, so it should be placed there
https://pagure.io/freeipa/issue/6540
---
freeipa.spec.in| 1 -
install/share/Makefile.am | 1 -
install/share/copy-schema-to-ca.py | 126 -
ipaserver/install/cainstance.py| 6 +-
4 files changed, 2 insertions(+), 132 deletions(-)
delete mode 100755 install/share/copy-schema-to-ca.py
diff --git a/freeipa.spec.in b/freeipa.spec.in
index db591e0..4d991d4 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -1221,7 +1221,6 @@ fi
# END
%dir %{_usr}/share/ipa
%{_usr}/share/ipa/wsgi.py*
-%{_usr}/share/ipa/copy-schema-to-ca.py*
%{_usr}/share/ipa/*.ldif
%{_usr}/share/ipa/*.uldif
%{_usr}/share/ipa/*.template
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index 1e8f0d5..9e539a3 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -81,7 +81,6 @@ dist_app_DATA =\
automember.ldif \
replica-automember.ldif \
replica-s4u2proxy.ldif \
- copy-schema-to-ca.py \
sasl-mapping-fallback.ldif \
schema-update.ldif \
vault.ldif \
diff --git a/install/share/copy-schema-to-ca.py b/install/share/copy-schema-to-ca.py
deleted file mode 100755
index 4daed6f..000
--- a/install/share/copy-schema-to-ca.py
+++ /dev/null
@@ -1,126 +0,0 @@
-#! /usr/bin/python2
-
-"""Copy the IPA schema to the CA directory server instance
-
-You need to run this script to prepare a 2.2 or 3.0 IPA master for
-installation of a 3.1 replica.
-
-Once a 3.1 replica is in the domain, every older CA master will emit schema
-replication errors until this script is run on it.
-
-"""
-
-import os
-import sys
-import pwd
-import shutil
-
-from hashlib import sha1
-
-from ipaplatform.paths import paths
-from ipapython import ipautil
-from ipapython.ipa_log_manager import root_logger, standard_logging_setup
-from ipaserver.install.dsinstance import schema_dirname
-from ipalib import api
-
-try:
-# BE CAREFUL when using the constants module - you need to define all
-# the constants separately because of old IPA installations
-from ipaplatform.constants import constants
-PKI_USER = constants.PKI_USER
-DS_USER = constants.DS_USER
-except ImportError:
-# oh dear, this is an old IPA (3.0+)
-from ipaserver.install.dsinstance import DS_USER #pylint: disable=E0611
-from ipaserver.install.cainstance import PKI_USER #pylint: disable=E0611
-
-try:
-from ipaplatform import services
-except ImportError:
-from ipapython import services # pylint: disable=no-name-in-module
-
-SERVERID = "PKI-IPA"
-SCHEMA_FILENAMES = (
-"60kerberos.ldif",
-"60samba.ldif",
-"60ipaconfig.ldif",
-"60basev2.ldif",
-"60basev3.ldif",
-"60ipadns.ldif",
-"61kerberos-ipav3.ldif",
-"65ipacertstore.ldif",
-"65ipasudo.ldif",
-"70ipaotp.ldif",
-"05rfc2247.ldif",
-)
-
-
-def _sha1_file(filename):
-with open(filename, 'rb') as f:
-return sha1(f.read()).hexdigest()
-
-
-def add_ca_schema():
-"""Copy IPA schema files into the CA DS instance
-"""
-pki_pent = pwd.getpwnam(PKI_USER)
-ds_pent = pwd.getpwnam(DS_USER)
-for schema_fname in SCHEMA_FILENAMES:
-source_fname = os.path.join(paths.USR_SHARE_IPA_DIR, schema_fname)
-target_fname = os.path.join(schema_dirname(SERVERID), schema_fname)
-if not os.path.exists(source_fname):
-root_logger.debug('File does not exist: %s', source_fname)
-continue
-if os.path.exists(target_fname):
-target_sha1 = _sha1_file(target_fname)
-source_sha1 = _sha1_file(source_fname)
-if target_sha1 != source_sha1:
-target_size = os.stat(target_fname).st_size
-source_size = os.stat(source_fname).st_size
-root_logger.info('Target file %s exists but the content is '
- 'different', target_fname)
-root_logger.info('\tTarget file: sha1: %s, size: %s B',
- target_sha1, target_size)
-root_logger.info('\tSource file: sha1: %s, size: %s B',
- source_sha1, source_size)
-if not ipautil.user_input("Do you want replace %s file?" %
- target_fname, True):
-continue
-
-else:
-root_
[Freeipa-devel] [freeipa PR#569][synchronized] Remove copy-schema-to-ca.py from master branch
URL: https://github.com/freeipa/freeipa/pull/569
Author: MartinBasti
Title: #569: Remove copy-schema-to-ca.py from master branch
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/569/head:pr569
git checkout pr569
From 6493e18e50220a01b50f2b6df8b75acc3745ec5f Mon Sep 17 00:00:00 2001
From: Martin Basti
Date: Fri, 10 Mar 2017 13:30:43 +0100
Subject: [PATCH 1/2] Remove copy-schema-to-ca.py from master branch
This script is used only for IPA <3.1, so it must be compatible with
ipa-3-0 branch, so it should be placed there
https://pagure.io/freeipa/issue/6540
---
freeipa.spec.in| 1 -
install/share/Makefile.am | 1 -
install/share/copy-schema-to-ca.py | 126 -
ipaserver/install/cainstance.py| 6 +-
4 files changed, 2 insertions(+), 132 deletions(-)
delete mode 100755 install/share/copy-schema-to-ca.py
diff --git a/freeipa.spec.in b/freeipa.spec.in
index db591e0..4d991d4 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -1221,7 +1221,6 @@ fi
# END
%dir %{_usr}/share/ipa
%{_usr}/share/ipa/wsgi.py*
-%{_usr}/share/ipa/copy-schema-to-ca.py*
%{_usr}/share/ipa/*.ldif
%{_usr}/share/ipa/*.uldif
%{_usr}/share/ipa/*.template
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index 1e8f0d5..9e539a3 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -81,7 +81,6 @@ dist_app_DATA =\
automember.ldif \
replica-automember.ldif \
replica-s4u2proxy.ldif \
- copy-schema-to-ca.py \
sasl-mapping-fallback.ldif \
schema-update.ldif \
vault.ldif \
diff --git a/install/share/copy-schema-to-ca.py b/install/share/copy-schema-to-ca.py
deleted file mode 100755
index 4daed6f..000
--- a/install/share/copy-schema-to-ca.py
+++ /dev/null
@@ -1,126 +0,0 @@
-#! /usr/bin/python2
-
-"""Copy the IPA schema to the CA directory server instance
-
-You need to run this script to prepare a 2.2 or 3.0 IPA master for
-installation of a 3.1 replica.
-
-Once a 3.1 replica is in the domain, every older CA master will emit schema
-replication errors until this script is run on it.
-
-"""
-
-import os
-import sys
-import pwd
-import shutil
-
-from hashlib import sha1
-
-from ipaplatform.paths import paths
-from ipapython import ipautil
-from ipapython.ipa_log_manager import root_logger, standard_logging_setup
-from ipaserver.install.dsinstance import schema_dirname
-from ipalib import api
-
-try:
-# BE CAREFUL when using the constants module - you need to define all
-# the constants separately because of old IPA installations
-from ipaplatform.constants import constants
-PKI_USER = constants.PKI_USER
-DS_USER = constants.DS_USER
-except ImportError:
-# oh dear, this is an old IPA (3.0+)
-from ipaserver.install.dsinstance import DS_USER #pylint: disable=E0611
-from ipaserver.install.cainstance import PKI_USER #pylint: disable=E0611
-
-try:
-from ipaplatform import services
-except ImportError:
-from ipapython import services # pylint: disable=no-name-in-module
-
-SERVERID = "PKI-IPA"
-SCHEMA_FILENAMES = (
-"60kerberos.ldif",
-"60samba.ldif",
-"60ipaconfig.ldif",
-"60basev2.ldif",
-"60basev3.ldif",
-"60ipadns.ldif",
-"61kerberos-ipav3.ldif",
-"65ipacertstore.ldif",
-"65ipasudo.ldif",
-"70ipaotp.ldif",
-"05rfc2247.ldif",
-)
-
-
-def _sha1_file(filename):
-with open(filename, 'rb') as f:
-return sha1(f.read()).hexdigest()
-
-
-def add_ca_schema():
-"""Copy IPA schema files into the CA DS instance
-"""
-pki_pent = pwd.getpwnam(PKI_USER)
-ds_pent = pwd.getpwnam(DS_USER)
-for schema_fname in SCHEMA_FILENAMES:
-source_fname = os.path.join(paths.USR_SHARE_IPA_DIR, schema_fname)
-target_fname = os.path.join(schema_dirname(SERVERID), schema_fname)
-if not os.path.exists(source_fname):
-root_logger.debug('File does not exist: %s', source_fname)
-continue
-if os.path.exists(target_fname):
-target_sha1 = _sha1_file(target_fname)
-source_sha1 = _sha1_file(source_fname)
-if target_sha1 != source_sha1:
-target_size = os.stat(target_fname).st_size
-source_size = os.stat(source_fname).st_size
-root_logger.info('Target file %s exists but the content is '
- 'different', target_fname)
-root_logger.info('\tTarget file: sha1: %s, size: %s B',
- target_sha1, target_size)
-root_logger.info('\tSource file: sha1: %s, size: %s B',
- source_sha1, source_size)
-if not ipautil.user_input("Do you want replace %s file?" %
- target_fname, True):
-continue
-
-else:
-root_
[Freeipa-devel] [freeipa PR#569][synchronized] Remove copy-schema-to-ca.py from master branch
URL: https://github.com/freeipa/freeipa/pull/569
Author: MartinBasti
Title: #569: Remove copy-schema-to-ca.py from master branch
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/569/head:pr569
git checkout pr569
From 6493e18e50220a01b50f2b6df8b75acc3745ec5f Mon Sep 17 00:00:00 2001
From: Martin Basti
Date: Fri, 10 Mar 2017 13:30:43 +0100
Subject: [PATCH 1/2] Remove copy-schema-to-ca.py from master branch
This script is used only for IPA <3.1, so it must be compatible with
ipa-3-0 branch, so it should be placed there
https://pagure.io/freeipa/issue/6540
---
freeipa.spec.in| 1 -
install/share/Makefile.am | 1 -
install/share/copy-schema-to-ca.py | 126 -
ipaserver/install/cainstance.py| 6 +-
4 files changed, 2 insertions(+), 132 deletions(-)
delete mode 100755 install/share/copy-schema-to-ca.py
diff --git a/freeipa.spec.in b/freeipa.spec.in
index db591e0..4d991d4 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -1221,7 +1221,6 @@ fi
# END
%dir %{_usr}/share/ipa
%{_usr}/share/ipa/wsgi.py*
-%{_usr}/share/ipa/copy-schema-to-ca.py*
%{_usr}/share/ipa/*.ldif
%{_usr}/share/ipa/*.uldif
%{_usr}/share/ipa/*.template
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index 1e8f0d5..9e539a3 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -81,7 +81,6 @@ dist_app_DATA =\
automember.ldif \
replica-automember.ldif \
replica-s4u2proxy.ldif \
- copy-schema-to-ca.py \
sasl-mapping-fallback.ldif \
schema-update.ldif \
vault.ldif \
diff --git a/install/share/copy-schema-to-ca.py b/install/share/copy-schema-to-ca.py
deleted file mode 100755
index 4daed6f..000
--- a/install/share/copy-schema-to-ca.py
+++ /dev/null
@@ -1,126 +0,0 @@
-#! /usr/bin/python2
-
-"""Copy the IPA schema to the CA directory server instance
-
-You need to run this script to prepare a 2.2 or 3.0 IPA master for
-installation of a 3.1 replica.
-
-Once a 3.1 replica is in the domain, every older CA master will emit schema
-replication errors until this script is run on it.
-
-"""
-
-import os
-import sys
-import pwd
-import shutil
-
-from hashlib import sha1
-
-from ipaplatform.paths import paths
-from ipapython import ipautil
-from ipapython.ipa_log_manager import root_logger, standard_logging_setup
-from ipaserver.install.dsinstance import schema_dirname
-from ipalib import api
-
-try:
-# BE CAREFUL when using the constants module - you need to define all
-# the constants separately because of old IPA installations
-from ipaplatform.constants import constants
-PKI_USER = constants.PKI_USER
-DS_USER = constants.DS_USER
-except ImportError:
-# oh dear, this is an old IPA (3.0+)
-from ipaserver.install.dsinstance import DS_USER #pylint: disable=E0611
-from ipaserver.install.cainstance import PKI_USER #pylint: disable=E0611
-
-try:
-from ipaplatform import services
-except ImportError:
-from ipapython import services # pylint: disable=no-name-in-module
-
-SERVERID = "PKI-IPA"
-SCHEMA_FILENAMES = (
-"60kerberos.ldif",
-"60samba.ldif",
-"60ipaconfig.ldif",
-"60basev2.ldif",
-"60basev3.ldif",
-"60ipadns.ldif",
-"61kerberos-ipav3.ldif",
-"65ipacertstore.ldif",
-"65ipasudo.ldif",
-"70ipaotp.ldif",
-"05rfc2247.ldif",
-)
-
-
-def _sha1_file(filename):
-with open(filename, 'rb') as f:
-return sha1(f.read()).hexdigest()
-
-
-def add_ca_schema():
-"""Copy IPA schema files into the CA DS instance
-"""
-pki_pent = pwd.getpwnam(PKI_USER)
-ds_pent = pwd.getpwnam(DS_USER)
-for schema_fname in SCHEMA_FILENAMES:
-source_fname = os.path.join(paths.USR_SHARE_IPA_DIR, schema_fname)
-target_fname = os.path.join(schema_dirname(SERVERID), schema_fname)
-if not os.path.exists(source_fname):
-root_logger.debug('File does not exist: %s', source_fname)
-continue
-if os.path.exists(target_fname):
-target_sha1 = _sha1_file(target_fname)
-source_sha1 = _sha1_file(source_fname)
-if target_sha1 != source_sha1:
-target_size = os.stat(target_fname).st_size
-source_size = os.stat(source_fname).st_size
-root_logger.info('Target file %s exists but the content is '
- 'different', target_fname)
-root_logger.info('\tTarget file: sha1: %s, size: %s B',
- target_sha1, target_size)
-root_logger.info('\tSource file: sha1: %s, size: %s B',
- source_sha1, source_size)
-if not ipautil.user_input("Do you want replace %s file?" %
- target_fname, True):
-continue
-
-else:
-root_
[Freeipa-devel] [freeipa PR#569][synchronized] Remove copy-schema-to-ca.py from master branch
URL: https://github.com/freeipa/freeipa/pull/569
Author: MartinBasti
Title: #569: Remove copy-schema-to-ca.py from master branch
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/569/head:pr569
git checkout pr569
From 6493e18e50220a01b50f2b6df8b75acc3745ec5f Mon Sep 17 00:00:00 2001
From: Martin Basti
Date: Fri, 10 Mar 2017 13:30:43 +0100
Subject: [PATCH] Remove copy-schema-to-ca.py from master branch
This script is used only for IPA <3.1, so it must be compatible with
ipa-3-0 branch, so it should be placed there
https://pagure.io/freeipa/issue/6540
---
freeipa.spec.in| 1 -
install/share/Makefile.am | 1 -
install/share/copy-schema-to-ca.py | 126 -
ipaserver/install/cainstance.py| 6 +-
4 files changed, 2 insertions(+), 132 deletions(-)
delete mode 100755 install/share/copy-schema-to-ca.py
diff --git a/freeipa.spec.in b/freeipa.spec.in
index db591e0..4d991d4 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -1221,7 +1221,6 @@ fi
# END
%dir %{_usr}/share/ipa
%{_usr}/share/ipa/wsgi.py*
-%{_usr}/share/ipa/copy-schema-to-ca.py*
%{_usr}/share/ipa/*.ldif
%{_usr}/share/ipa/*.uldif
%{_usr}/share/ipa/*.template
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index 1e8f0d5..9e539a3 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -81,7 +81,6 @@ dist_app_DATA =\
automember.ldif \
replica-automember.ldif \
replica-s4u2proxy.ldif \
- copy-schema-to-ca.py \
sasl-mapping-fallback.ldif \
schema-update.ldif \
vault.ldif \
diff --git a/install/share/copy-schema-to-ca.py b/install/share/copy-schema-to-ca.py
deleted file mode 100755
index 4daed6f..000
--- a/install/share/copy-schema-to-ca.py
+++ /dev/null
@@ -1,126 +0,0 @@
-#! /usr/bin/python2
-
-"""Copy the IPA schema to the CA directory server instance
-
-You need to run this script to prepare a 2.2 or 3.0 IPA master for
-installation of a 3.1 replica.
-
-Once a 3.1 replica is in the domain, every older CA master will emit schema
-replication errors until this script is run on it.
-
-"""
-
-import os
-import sys
-import pwd
-import shutil
-
-from hashlib import sha1
-
-from ipaplatform.paths import paths
-from ipapython import ipautil
-from ipapython.ipa_log_manager import root_logger, standard_logging_setup
-from ipaserver.install.dsinstance import schema_dirname
-from ipalib import api
-
-try:
-# BE CAREFUL when using the constants module - you need to define all
-# the constants separately because of old IPA installations
-from ipaplatform.constants import constants
-PKI_USER = constants.PKI_USER
-DS_USER = constants.DS_USER
-except ImportError:
-# oh dear, this is an old IPA (3.0+)
-from ipaserver.install.dsinstance import DS_USER #pylint: disable=E0611
-from ipaserver.install.cainstance import PKI_USER #pylint: disable=E0611
-
-try:
-from ipaplatform import services
-except ImportError:
-from ipapython import services # pylint: disable=no-name-in-module
-
-SERVERID = "PKI-IPA"
-SCHEMA_FILENAMES = (
-"60kerberos.ldif",
-"60samba.ldif",
-"60ipaconfig.ldif",
-"60basev2.ldif",
-"60basev3.ldif",
-"60ipadns.ldif",
-"61kerberos-ipav3.ldif",
-"65ipacertstore.ldif",
-"65ipasudo.ldif",
-"70ipaotp.ldif",
-"05rfc2247.ldif",
-)
-
-
-def _sha1_file(filename):
-with open(filename, 'rb') as f:
-return sha1(f.read()).hexdigest()
-
-
-def add_ca_schema():
-"""Copy IPA schema files into the CA DS instance
-"""
-pki_pent = pwd.getpwnam(PKI_USER)
-ds_pent = pwd.getpwnam(DS_USER)
-for schema_fname in SCHEMA_FILENAMES:
-source_fname = os.path.join(paths.USR_SHARE_IPA_DIR, schema_fname)
-target_fname = os.path.join(schema_dirname(SERVERID), schema_fname)
-if not os.path.exists(source_fname):
-root_logger.debug('File does not exist: %s', source_fname)
-continue
-if os.path.exists(target_fname):
-target_sha1 = _sha1_file(target_fname)
-source_sha1 = _sha1_file(source_fname)
-if target_sha1 != source_sha1:
-target_size = os.stat(target_fname).st_size
-source_size = os.stat(source_fname).st_size
-root_logger.info('Target file %s exists but the content is '
- 'different', target_fname)
-root_logger.info('\tTarget file: sha1: %s, size: %s B',
- target_sha1, target_size)
-root_logger.info('\tSource file: sha1: %s, size: %s B',
- source_sha1, source_size)
-if not ipautil.user_input("Do you want replace %s file?" %
- target_fname, True):
-continue
-
-else:
-root_logg
