135 lines
4.1 KiB
Diff
135 lines
4.1 KiB
Diff
|
From dc00a5c3aaf84f8fb2a3c0473e31646b9d57badc Mon Sep 17 00:00:00 2001
|
||
|
From: Dinesh Prasanth M K <SilleBille@users.noreply.github.com>
|
||
|
Date: Wed, 25 Mar 2020 16:02:15 -0400
|
||
|
Subject: [PATCH] Patch ECAdminCertProfile upgrade script
|
||
|
|
||
|
Backport of PR #355
|
||
|
|
||
|
The caECAdminCert profile was added 2 years ago but was never patched
|
||
|
to be added to the CS.cfg. Hence, when a user tries to upgrade, the path
|
||
|
did not exist and so, the upgrade failed. This patch adds the missing
|
||
|
attribute to ensure smooth upgradation process
|
||
|
|
||
|
Move 10.8.2 upgrade script to 10.8.3
|
||
|
|
||
|
Resolves: BZ#1814242
|
||
|
Upstream: https://pagure.io/dogtagpki/issue/3168
|
||
|
|
||
|
Signed-off-by: Dinesh Prasanth M K <dmoluguw@redhat.com>
|
||
|
---
|
||
|
.../10.8.2/01-FixECAdminCertProfile.py | 39 -------------
|
||
|
.../10.8.3/01-FixECAdminCertProfile.py | 55 +++++++++++++++++++
|
||
|
2 files changed, 55 insertions(+), 39 deletions(-)
|
||
|
delete mode 100644 base/server/upgrade/10.8.2/01-FixECAdminCertProfile.py
|
||
|
create mode 100644 base/server/upgrade/10.8.3/01-FixECAdminCertProfile.py
|
||
|
|
||
|
diff --git a/base/server/upgrade/10.8.2/01-FixECAdminCertProfile.py b/base/server/upgrade/10.8.2/01-FixECAdminCertProfile.py
|
||
|
deleted file mode 100644
|
||
|
index ebdb98304..000000000
|
||
|
--- a/base/server/upgrade/10.8.2/01-FixECAdminCertProfile.py
|
||
|
+++ /dev/null
|
||
|
@@ -1,39 +0,0 @@
|
||
|
-# Authors:
|
||
|
-# Endi S. Dewata <edewata@redhat.com>
|
||
|
-#
|
||
|
-# Copyright Red Hat, Inc.
|
||
|
-#
|
||
|
-# SPDX-License-Identifier: GPL-2.0-or-later
|
||
|
-
|
||
|
-from __future__ import absolute_import
|
||
|
-import logging
|
||
|
-import os
|
||
|
-
|
||
|
-import pki
|
||
|
-
|
||
|
-logger = logging.getLogger(__name__)
|
||
|
-
|
||
|
-
|
||
|
-class FixECAdminCertProfile(pki.server.upgrade.PKIServerUpgradeScriptlet):
|
||
|
-
|
||
|
- def __init__(self):
|
||
|
- super(FixECAdminCertProfile, self).__init__()
|
||
|
- self.message = 'Fix EC admin certificate profile'
|
||
|
-
|
||
|
- def upgrade_subsystem(self, instance, subsystem):
|
||
|
-
|
||
|
- if subsystem.name != 'ca':
|
||
|
- return
|
||
|
-
|
||
|
- self.backup(subsystem.cs_conf)
|
||
|
-
|
||
|
- path = subsystem.config.get('profile.caECAdminCert.config')
|
||
|
- logger.info('Current path: %s', path)
|
||
|
-
|
||
|
- dirname = os.path.dirname(path)
|
||
|
-
|
||
|
- path = os.path.join(dirname, 'caECAdminCert.cfg')
|
||
|
- logger.info('New path: %s', path)
|
||
|
-
|
||
|
- subsystem.config['profile.caECAdminCert.config'] = path
|
||
|
- subsystem.save()
|
||
|
diff --git a/base/server/upgrade/10.8.3/01-FixECAdminCertProfile.py b/base/server/upgrade/10.8.3/01-FixECAdminCertProfile.py
|
||
|
new file mode 100644
|
||
|
index 000000000..92664d292
|
||
|
--- /dev/null
|
||
|
+++ b/base/server/upgrade/10.8.3/01-FixECAdminCertProfile.py
|
||
|
@@ -0,0 +1,55 @@
|
||
|
+# Authors:
|
||
|
+# Endi S. Dewata <edewata@redhat.com>
|
||
|
+#
|
||
|
+# Copyright Red Hat, Inc.
|
||
|
+#
|
||
|
+# SPDX-License-Identifier: GPL-2.0-or-later
|
||
|
+
|
||
|
+from __future__ import absolute_import
|
||
|
+import logging
|
||
|
+import os
|
||
|
+
|
||
|
+import pki
|
||
|
+
|
||
|
+logger = logging.getLogger(__name__)
|
||
|
+
|
||
|
+
|
||
|
+class FixECAdminCertProfile(pki.server.upgrade.PKIServerUpgradeScriptlet):
|
||
|
+
|
||
|
+ def __init__(self):
|
||
|
+ super(FixECAdminCertProfile, self).__init__()
|
||
|
+ self.message = 'Fix EC admin certificate profile'
|
||
|
+
|
||
|
+ def upgrade_subsystem(self, instance, subsystem):
|
||
|
+
|
||
|
+ if subsystem.name != 'ca':
|
||
|
+ return
|
||
|
+
|
||
|
+ self.backup(subsystem.cs_conf)
|
||
|
+
|
||
|
+ path = subsystem.config.get('profile.caECAdminCert.config')
|
||
|
+ if path is None:
|
||
|
+ # Add missing path
|
||
|
+ logger.info('Missing profile.caECAdminCert.config')
|
||
|
+
|
||
|
+ path = "{0}/profiles/{1}/caECAdminCert.cfg".format(
|
||
|
+ subsystem.base_dir, subsystem.name)
|
||
|
+
|
||
|
+ else:
|
||
|
+ # Fix existing path
|
||
|
+ logger.info("Fixing profile.caECAdminCert.config")
|
||
|
+ dirname = os.path.dirname(path)
|
||
|
+ path = os.path.join(dirname, 'caECAdminCert.cfg')
|
||
|
+
|
||
|
+ logger.info('New path: %s', path)
|
||
|
+ subsystem.config['profile.caECAdminCert.config'] = path
|
||
|
+
|
||
|
+ subsystem.config['profile.caECAdminCert.class_id'] = 'caEnrollImpl'
|
||
|
+
|
||
|
+ # check if caECAdminCert is part of profile.list
|
||
|
+ profile_list = subsystem.config['profile.list'].split(',')
|
||
|
+ if 'caECAdminCert' not in profile_list:
|
||
|
+ profile_list.append('caECAdminCert')
|
||
|
+ subsystem.config['profile.list'] = ','.join(profile_list)
|
||
|
+
|
||
|
+ subsystem.save()
|
||
|
--
|
||
|
2.23.0
|
||
|
|