diff options
author | David Kupka <dkupka@redhat.com> | 2015-08-19 08:10:03 +0200 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2015-08-19 14:13:00 +0200 |
commit | 4fe994b11f7e5978c969626dedc593b7357b7fd2 (patch) | |
tree | 342b1f78c0f9593dc33f4b8a920096f849a0a0b0 /ipaserver | |
parent | d0c41bd2f2d125fa591b13c602c125a2a112a6c7 (diff) | |
download | freeipa-4fe994b11f7e5978c969626dedc593b7357b7fd2.tar.gz freeipa-4fe994b11f7e5978c969626dedc593b7357b7fd2.tar.xz freeipa-4fe994b11f7e5978c969626dedc593b7357b7fd2.zip |
Backup/resore authentication control configuration
https://fedorahosted.org/freeipa/ticket/5071
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/install/ipa_backup.py | 4 | ||||
-rw-r--r-- | ipaserver/install/ipa_restore.py | 4 |
2 files changed, 8 insertions, 0 deletions
diff --git a/ipaserver/install/ipa_backup.py b/ipaserver/install/ipa_backup.py index d7afb3654..0ba44b280 100644 --- a/ipaserver/install/ipa_backup.py +++ b/ipaserver/install/ipa_backup.py @@ -41,6 +41,7 @@ from ipapython import ipaldap from ipalib.session import ISO8601_DATETIME_FMT from ipalib.constants import CACERT from ConfigParser import SafeConfigParser +from ipaplatform.tasks import tasks """ A test gpg can be generated like this: @@ -302,6 +303,9 @@ class Backup(admintool.AdminTool): self.db2ldif(instance, 'userRoot', online=options.online) self.db2bak(instance, online=options.online) if not options.data_only: + # create backup of auth configuration + auth_backup_path = os.path.join(paths.VAR_LIB_IPA, 'auth_backup') + tasks.backup_auth_configuration(auth_backup_path) self.file_backup(options) self.finalize_backup(options.data_only, options.gpg, options.gpg_keyring) diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py index cb2aa781a..ea9f8228f 100644 --- a/ipaserver/install/ipa_restore.py +++ b/ipaserver/install/ipa_restore.py @@ -386,6 +386,10 @@ class Restore(admintool.AdminTool): self.log.info('Starting Directory Server') dirsrv.start(capture_output=False) else: + # restore access controll configuration + auth_backup_path = os.path.join(paths.VAR_LIB_IPA, 'auth_backup') + if os.path.exists(auth_backup_path): + tasks.restore_auth_configuration(auth_backup_path) # explicitly enable then disable the pki tomcatd service to # re-register its instance. FIXME, this is really wierd. services.knownservices.pki_tomcatd.enable() |