Backup/resore authentication control configuration

https://fedorahosted.org/freeipa/ticket/5071 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
author: David Kupka <dkupka@redhat.com> 2015-08-19 08:10:03 +0200
committer: Jan Cholasta <jcholast@redhat.com> 2015-08-19 14:13:00 +0200
commit: 4fe994b11f7e5978c969626dedc593b7357b7fd2 (patch)
tree: 342b1f78c0f9593dc33f4b8a920096f849a0a0b0 /ipaserver
parent: d0c41bd2f2d125fa591b13c602c125a2a112a6c7 (diff)
download: freeipa-4fe994b11f7e5978c969626dedc593b7357b7fd2.tar.gz
freeipa-4fe994b11f7e5978c969626dedc593b7357b7fd2.tar.xz
freeipa-4fe994b11f7e5978c969626dedc593b7357b7fd2.zip
2 files changed, 8 insertions, 0 deletions
diff --git a/ipaserver/install/ipa_backup.py b/ipaserver/install/ipa_backup.py
index d7afb3654..0ba44b280 100644
--- a/ipaserver/install/ipa_backup.py
+++ b/ipaserver/install/ipa_backup.py
@@ -41,6 +41,7 @@ from ipapython import ipaldap
 from ipalib.session import ISO8601_DATETIME_FMT
 from ipalib.constants import CACERT
 from ConfigParser import SafeConfigParser
+from ipaplatform.tasks import tasks
 
 """
 A test gpg can be generated like this:
@@ -302,6 +303,9 @@ class Backup(admintool.AdminTool):
                     self.db2ldif(instance, 'userRoot', online=options.online)
                     self.db2bak(instance, online=options.online)
             if not options.data_only:
+                # create backup of auth configuration
+                auth_backup_path = os.path.join(paths.VAR_LIB_IPA, 'auth_backup')
+                tasks.backup_auth_configuration(auth_backup_path)
                 self.file_backup(options)
             self.finalize_backup(options.data_only, options.gpg, options.gpg_keyring)
 
diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py
index cb2aa781a..ea9f8228f 100644
--- a/ipaserver/install/ipa_restore.py
+++ b/ipaserver/install/ipa_restore.py
@@ -386,6 +386,10 @@ class Restore(admintool.AdminTool):
                     self.log.info('Starting Directory Server')
                     dirsrv.start(capture_output=False)
             else:
+                # restore access controll configuration
+                auth_backup_path = os.path.join(paths.VAR_LIB_IPA, 'auth_backup')
+                if os.path.exists(auth_backup_path):
+                    tasks.restore_auth_configuration(auth_backup_path)
                 # explicitly enable then disable the pki tomcatd service to
                 # re-register its instance. FIXME, this is really wierd.
                 services.knownservices.pki_tomcatd.enable()
author	David Kupka <dkupka@redhat.com>	2015-08-19 08:10:03 +0200
committer	Jan Cholasta <jcholast@redhat.com>	2015-08-19 14:13:00 +0200
commit	4fe994b11f7e5978c969626dedc593b7357b7fd2 (patch)
tree	342b1f78c0f9593dc33f4b8a920096f849a0a0b0 /ipaserver
parent	d0c41bd2f2d125fa591b13c602c125a2a112a6c7 (diff)
download	freeipa-4fe994b11f7e5978c969626dedc593b7357b7fd2.tar.gz freeipa-4fe994b11f7e5978c969626dedc593b7357b7fd2.tar.xz freeipa-4fe994b11f7e5978c969626dedc593b7357b7fd2.zip