diff options
author | Jan Cholasta <jcholast@redhat.com> | 2014-11-20 13:57:46 +0000 |
---|---|---|
committer | Petr Vobornik <pvoborni@redhat.com> | 2014-11-21 16:29:51 +0100 |
commit | aa9ecb253a60d9d15cd41c5c38695fe64058669a (patch) | |
tree | 5cc0bf5a48c3b2bf3b0e6df9f840793391f9ea71 /ipaserver | |
parent | 373bbee4e3c25fd6fb41a75b62b09d60da1a5d82 (diff) | |
download | freeipa-aa9ecb253a60d9d15cd41c5c38695fe64058669a.tar.gz freeipa-aa9ecb253a60d9d15cd41c5c38695fe64058669a.tar.xz freeipa-aa9ecb253a60d9d15cd41c5c38695fe64058669a.zip |
Stop tracking certificates before restoring them in ipa-restore
https://fedorahosted.org/freeipa/ticket/4727
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/install/ipa_restore.py | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py index 8bd0bce48..b3c519eea 100644 --- a/ipaserver/install/ipa_restore.py +++ b/ipaserver/install/ipa_restore.py @@ -26,7 +26,7 @@ import pwd from ConfigParser import SafeConfigParser from ipalib import api, errors -from ipapython import version, ipautil, certdb +from ipapython import version, ipautil, certdb, dogtag from ipapython.ipautil import run, user_input from ipapython import admintool from ipapython.dn import DN @@ -36,7 +36,7 @@ from ipaserver.install.cainstance import PKI_USER, create_ca_user from ipaserver.install.replication import (wait_for_task, ReplicationManager, get_cs_replication_manager) from ipaserver.install import installutils -from ipaserver.install import httpinstance +from ipaserver.install import dsinstance, httpinstance, cainstance from ipapython import ipaldap import ipapython.errors from ipaplatform.tasks import tasks @@ -675,6 +675,12 @@ class Restore(admintool.AdminTool): self.log.error('%s', e) def cert_restore_prepare(self): + cainstance.CAInstance().stop_tracking_certificates( + dogtag.configured_constants()) + httpinstance.HTTPInstance().stop_tracking_certificates() + dsinstance.DsInstance().stop_tracking_certificates( + realm_to_serverid(api.env.realm)) + for basename in ('cert8.db', 'key3.db', 'secmod.db', 'pwdfile.txt'): filename = os.path.join(paths.IPA_NSSDB_DIR, basename) try: @@ -704,3 +710,5 @@ class Restore(admintool.AdminTool): (nickname, paths.IPA_NSSDB_DIR, e)) tasks.reload_systemwide_ca_store() + + services.knownservices.certmonger.restart() |