summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--API.txt6
-rw-r--r--contrib/RHEL4/ipachangeconf.py4
-rwxr-xr-xdaemons/dnssec/ipa-dnskeysyncd2
-rwxr-xr-xinstall/share/copy-schema-to-ca.py2
-rwxr-xr-xipa-client/ipa-install/ipa-client-install8
-rw-r--r--ipa-client/ipaclient/ipa_certupdate.py2
-rw-r--r--ipa-client/ipaclient/ipachangeconf.py4
-rw-r--r--ipalib/plugins/dns.py2
-rw-r--r--ipalib/plugins/trust.py2
-rw-r--r--ipapython/certdb.py10
-rw-r--r--ipapython/certmonger.py4
-rw-r--r--ipapython/ipa_log_manager.py2
-rw-r--r--ipaserver/install/bindinstance.py2
-rw-r--r--ipaserver/install/cainstance.py10
-rw-r--r--ipaserver/install/certs.py4
-rw-r--r--ipaserver/install/dnskeysyncinstance.py18
-rw-r--r--ipaserver/install/dsinstance.py6
-rw-r--r--ipaserver/install/httpinstance.py22
-rw-r--r--ipaserver/install/ipa_backup.py8
-rw-r--r--ipaserver/install/ipa_replica_prepare.py4
-rw-r--r--ipaserver/install/ipa_restore.py14
-rw-r--r--ipaserver/install/ipa_server_certinstall.py6
-rw-r--r--ipaserver/install/krbinstance.py4
-rw-r--r--ipaserver/install/odsexporterinstance.py2
-rw-r--r--ipaserver/install/opendnssecinstance.py16
-rw-r--r--ipaserver/install/server/install.py6
-rw-r--r--ipaserver/install/server/replicainstall.py4
-rw-r--r--ipaserver/install/server/upgrade.py2
-rw-r--r--ipatests/test_ipaserver/test_otptoken_import.py6
-rw-r--r--ipatests/test_xmlrpc/test_dns_plugin.py2
30 files changed, 92 insertions, 92 deletions
diff --git a/API.txt b/API.txt
index 6ab30ddab..2b7e00d2e 100644
--- a/API.txt
+++ b/API.txt
@@ -1387,7 +1387,7 @@ option: DNSNameParam('idnssoamname', attribute=True, cli_name='name_server', def
option: Int('idnssoarefresh', attribute=True, autofill=True, cli_name='refresh', default=3600, maxvalue=2147483647, minvalue=0, multivalue=False, required=True)
option: Int('idnssoaretry', attribute=True, autofill=True, cli_name='retry', default=900, maxvalue=2147483647, minvalue=0, multivalue=False, required=True)
option: DNSNameParam('idnssoarname', attribute=True, autofill=True, cli_name='admin_email', default=<DNS name hostmaster>, multivalue=False, required=True)
-option: Int('idnssoaserial', attribute=True, autofill=True, cli_name='serial', maxvalue=4294967295L, minvalue=1, multivalue=False, required=True)
+option: Int('idnssoaserial', attribute=True, autofill=True, cli_name='serial', maxvalue=4294967295, minvalue=1, multivalue=False, required=True)
option: Str('idnsupdatepolicy', attribute=True, autofill=True, cli_name='update_policy', multivalue=False, required=False)
option: Str('ip_address?')
option: Str('name_from_ip', attribute=False, cli_name='name_from_ip', multivalue=False, required=False)
@@ -1448,7 +1448,7 @@ option: DNSNameParam('idnssoamname', attribute=True, autofill=False, cli_name='n
option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, maxvalue=2147483647, minvalue=0, multivalue=False, query=True, required=False)
option: Int('idnssoaretry', attribute=True, autofill=False, cli_name='retry', default=900, maxvalue=2147483647, minvalue=0, multivalue=False, query=True, required=False)
option: DNSNameParam('idnssoarname', attribute=True, autofill=False, cli_name='admin_email', default=<DNS name hostmaster>, multivalue=False, query=True, required=False)
-option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', maxvalue=4294967295L, minvalue=1, multivalue=False, query=True, required=False)
+option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', maxvalue=4294967295, minvalue=1, multivalue=False, query=True, required=False)
option: Str('idnsupdatepolicy', attribute=True, autofill=False, cli_name='update_policy', multivalue=False, query=True, required=False)
option: Bool('idnszoneactive', attribute=True, autofill=False, cli_name='zone_active', multivalue=False, query=True, required=False)
option: Str('name_from_ip', attribute=False, autofill=False, cli_name='name_from_ip', multivalue=False, query=True, required=False)
@@ -1484,7 +1484,7 @@ option: DNSNameParam('idnssoamname', attribute=True, autofill=False, cli_name='n
option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, maxvalue=2147483647, minvalue=0, multivalue=False, required=False)
option: Int('idnssoaretry', attribute=True, autofill=False, cli_name='retry', default=900, maxvalue=2147483647, minvalue=0, multivalue=False, required=False)
option: DNSNameParam('idnssoarname', attribute=True, autofill=False, cli_name='admin_email', default=<DNS name hostmaster>, multivalue=False, required=False)
-option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', maxvalue=4294967295L, minvalue=1, multivalue=False, required=False)
+option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', maxvalue=4294967295, minvalue=1, multivalue=False, required=False)
option: Str('idnsupdatepolicy', attribute=True, autofill=False, cli_name='update_policy', multivalue=False, required=False)
option: Str('name_from_ip', attribute=False, autofill=False, cli_name='name_from_ip', multivalue=False, required=False)
option: Str('nsec3paramrecord', attribute=True, autofill=False, cli_name='nsec3param_rec', multivalue=False, pattern='^\\d+ \\d+ \\d+ (([0-9a-fA-F]{2})+|-)$', required=False)
diff --git a/contrib/RHEL4/ipachangeconf.py b/contrib/RHEL4/ipachangeconf.py
index 87b306f5d..ac7ecf891 100644
--- a/contrib/RHEL4/ipachangeconf.py
+++ b/contrib/RHEL4/ipachangeconf.py
@@ -401,7 +401,7 @@ class IPAChangeConf:
#Do not catch an unexisting file error, we want to fail in that case
shutil.copy2(file, file+".ipabkp")
- f = openLocked(file, 0644)
+ f = openLocked(file, 0o644)
oldopts = self.parse(f)
@@ -440,7 +440,7 @@ class IPAChangeConf:
# The orign file did not exist
pass
- f = openLocked(file, 0644)
+ f = openLocked(file, 0o644)
# Trunkate
f.seek(0)
diff --git a/daemons/dnssec/ipa-dnskeysyncd b/daemons/dnssec/ipa-dnskeysyncd
index a0fcf8b4b..f2fce3e4e 100755
--- a/daemons/dnssec/ipa-dnskeysyncd
+++ b/daemons/dnssec/ipa-dnskeysyncd
@@ -55,7 +55,7 @@ def commenceShutdown(signum, stack):
sys.exit(0)
-os.umask(007)
+os.umask(0o07)
# Signal handlers
signal.signal(signal.SIGTERM, commenceShutdown)
diff --git a/install/share/copy-schema-to-ca.py b/install/share/copy-schema-to-ca.py
index ff6c35685..fb111ca2a 100755
--- a/install/share/copy-schema-to-ca.py
+++ b/install/share/copy-schema-to-ca.py
@@ -86,7 +86,7 @@ def add_ca_schema():
root_logger.warning('Could not install %s: %s', target_fname, e)
else:
root_logger.info('Installed %s', target_fname)
- os.chmod(target_fname, 0440) # read access for dirsrv user/group
+ os.chmod(target_fname, 0o440) # read access for dirsrv user/group
os.chown(target_fname, pki_pent.pw_uid, ds_pent.pw_gid)
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 91323ae11..17cd2b687 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -847,7 +847,7 @@ def configure_ipa_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, ho
target_fname = paths.IPA_DEFAULT_CONF
fstore.backup_file(target_fname)
ipaconf.newConf(target_fname, opts)
- os.chmod(target_fname, 0644)
+ os.chmod(target_fname, 0o644)
return 0
@@ -1016,7 +1016,7 @@ def configure_openldap_conf(fstore, cli_basedn, cli_server):
root_logger.debug(error_msg.format(path=target_fname, err=str(e)))
return False
- os.chmod(target_fname, 0644)
+ os.chmod(target_fname, 0o644)
return True
def hardcode_ldap_server(cli_server):
@@ -1110,7 +1110,7 @@ def configure_krb5_conf(cli_realm, cli_domain, cli_server, cli_kdc, dnsok,
root_logger.debug("%s", krbconf.dump(opts))
krbconf.newConf(filename, opts)
- os.chmod(filename, 0644)
+ os.chmod(filename, 0o644)
return 0
@@ -1981,7 +1981,7 @@ def get_ca_certs(fstore, options, server, basedn, realm):
# Make sure the file permissions are correct
try:
- os.chmod(CACERT, 0644)
+ os.chmod(CACERT, 0o644)
except Exception, e:
raise errors.FileError(reason=u"Unable set permissions on ca "
u"cert '%s': %s" % (CACERT, e))
diff --git a/ipa-client/ipaclient/ipa_certupdate.py b/ipa-client/ipaclient/ipa_certupdate.py
index a9530674c..26e02ea33 100644
--- a/ipa-client/ipaclient/ipa_certupdate.py
+++ b/ipa-client/ipaclient/ipa_certupdate.py
@@ -164,7 +164,7 @@ class CertUpdate(admintool.AdminTool):
self.update_file(paths.CA_CRT, certs)
- def update_file(self, filename, certs, mode=0444):
+ def update_file(self, filename, certs, mode=0o444):
certs = (c[0] for c in certs if c[2] is not False)
try:
x509.write_certificate_list(certs, filename)
diff --git a/ipa-client/ipaclient/ipachangeconf.py b/ipa-client/ipaclient/ipachangeconf.py
index edf34f5ae..2c3185716 100644
--- a/ipa-client/ipaclient/ipachangeconf.py
+++ b/ipa-client/ipaclient/ipachangeconf.py
@@ -481,7 +481,7 @@ class IPAChangeConf:
# we want to fail in that case
shutil.copy2(file, (file + ".ipabkp"))
- f = openLocked(file, 0644)
+ f = openLocked(file, 0o644)
oldopts = self.parse(f)
@@ -520,7 +520,7 @@ class IPAChangeConf:
# The orign file did not exist
pass
- f = openLocked(file, 0644)
+ f = openLocked(file, 0o644)
# Trunkate
f.seek(0)
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 512a653c3..1de3f16c2 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -2374,7 +2374,7 @@ class dnszone(DNSZoneBase):
label=_('SOA serial'),
doc=_('SOA record serial number'),
minvalue=1,
- maxvalue=4294967295L,
+ maxvalue=4294967295,
default_from=_create_zone_serial,
autofill=True,
),
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index faa8186ba..91ffaf7fe 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -334,7 +334,7 @@ def add_range(myapi, trustinstance, range_name, dom_sid, *keys, **options):
base_id = DEFAULT_RANGE_SIZE + (
pysss_murmur.murmurhash3(
dom_sid,
- len(dom_sid), 0xdeadbeefL
+ len(dom_sid), 0xdeadbeef
) % 10000
) * DEFAULT_RANGE_SIZE
diff --git a/ipapython/certdb.py b/ipapython/certdb.py
index 5a6e494fb..e3238c846 100644
--- a/ipapython/certdb.py
+++ b/ipapython/certdb.py
@@ -48,12 +48,12 @@ def create_ipa_nssdb():
with open(pwdfile, 'w') as f:
f.write(ipautil.ipa_generate_password(pwd_len=40))
- os.chmod(pwdfile, 0600)
+ os.chmod(pwdfile, 0o600)
db.create_db(pwdfile)
- os.chmod(os.path.join(db.secdir, 'cert8.db'), 0644)
- os.chmod(os.path.join(db.secdir, 'key3.db'), 0644)
- os.chmod(os.path.join(db.secdir, 'secmod.db'), 0644)
+ os.chmod(os.path.join(db.secdir, 'cert8.db'), 0o644)
+ os.chmod(os.path.join(db.secdir, 'key3.db'), 0o644)
+ os.chmod(os.path.join(db.secdir, 'secmod.db'), 0o644)
def find_cert_from_txt(cert, start=0):
@@ -420,7 +420,7 @@ class NSSDatabase(object):
cert = self.get_cert(nickname)
with open(location, "w+") as fd:
fd.write(cert)
- os.chmod(location, 0444)
+ os.chmod(location, 0o444)
def import_pem_cert(self, nickname, flags, location):
"""Import a cert form the given PEM file.
diff --git a/ipapython/certmonger.py b/ipapython/certmonger.py
index b37676872..3a2907d83 100644
--- a/ipapython/certmonger.py
+++ b/ipapython/certmonger.py
@@ -493,7 +493,7 @@ def dogtag_start_tracking(ca, nickname, pin, pinfile, secdir, pre_command,
params['KEY_PIN_FILE'] = os.path.abspath(pinfile)
if pre_command:
if not os.path.isabs(pre_command):
- if sys.maxsize > 2**32L:
+ if sys.maxsize > 2**32:
libpath = 'lib64'
else:
libpath = 'lib'
@@ -501,7 +501,7 @@ def dogtag_start_tracking(ca, nickname, pin, pinfile, secdir, pre_command,
params['cert-presave-command'] = pre_command
if post_command:
if not os.path.isabs(post_command):
- if sys.maxsize > 2**32L:
+ if sys.maxsize > 2**32:
libpath = 'lib64'
else:
libpath = 'lib'
diff --git a/ipapython/ipa_log_manager.py b/ipapython/ipa_log_manager.py
index f2cd4d3a1..8d01c51a4 100644
--- a/ipapython/ipa_log_manager.py
+++ b/ipapython/ipa_log_manager.py
@@ -180,7 +180,7 @@ def standard_logging_setup(filename=None, verbose=False, debug=False,
file_handler = dict(name='file',
filename=filename,
filemode=filemode,
- permission=0600,
+ permission=0o600,
level='debug',
format=LOGGING_FORMAT_STANDARD_FILE)
handlers.append(file_handler)
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index 9705e845a..6d3470373 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -922,7 +922,7 @@ class BindInstance(service.Service):
# Make sure access is strictly reserved to the named user
pent = pwd.getpwnam(self.named_user)
os.chown(paths.NAMED_KEYTAB, pent.pw_uid, pent.pw_gid)
- os.chmod(paths.NAMED_KEYTAB, 0400)
+ os.chmod(paths.NAMED_KEYTAB, 0o400)
# modify the principal so that it is marked as an ipa service so that
# it can host the memberof attribute, then also add it to the
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 5fd3017e1..c1fa1fc27 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -1090,9 +1090,9 @@ class CAInstance(DogtagInstance):
raise RuntimeError("Unable to submit RA cert request")
def fix_ra_perms(self):
- os.chmod(self.ra_agent_db + "/cert8.db", 0640)
- os.chmod(self.ra_agent_db + "/key3.db", 0640)
- os.chmod(self.ra_agent_db + "/secmod.db", 0640)
+ os.chmod(self.ra_agent_db + "/cert8.db", 0o640)
+ os.chmod(self.ra_agent_db + "/key3.db", 0o640)
+ os.chmod(self.ra_agent_db + "/secmod.db", 0o640)
pent = pwd.getpwnam("apache")
os.chown(self.ra_agent_db + "/cert8.db", 0, pent.pw_gid )
@@ -1116,7 +1116,7 @@ class CAInstance(DogtagInstance):
if not os.path.exists(publishdir):
os.mkdir(publishdir)
- os.chmod(publishdir, 0775)
+ os.chmod(publishdir, 0o775)
pent = pwd.getpwnam(PKI_USER)
os.chown(publishdir, 0, pent.pw_gid)
@@ -1252,7 +1252,7 @@ class CAInstance(DogtagInstance):
fd = open(location, "w+")
fd.write(cert)
fd.close()
- os.chmod(location, 0444)
+ os.chmod(location, 0o444)
def configure_certmonger_renewal(self):
diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py
index 564332e6f..e8084950e 100644
--- a/ipaserver/install/certs.py
+++ b/ipaserver/install/certs.py
@@ -293,7 +293,7 @@ class CertDB(object):
/usr/lib[64]/ipa/certmonger.
"""
if command is not None and not os.path.isabs(command):
- if sys.maxsize > 2**32L:
+ if sys.maxsize > 2**32:
libpath = 'lib64'
else:
libpath = 'lib'
@@ -647,7 +647,7 @@ class CertDB(object):
def publish_ca_cert(self, location):
shutil.copy(self.cacert_fname, location)
- os.chmod(location, 0444)
+ os.chmod(location, 0o444)
def export_pem_cert(self, nickname, location):
return self.nssdb.export_pem_cert(nickname, location)
diff --git a/ipaserver/install/dnskeysyncinstance.py b/ipaserver/install/dnskeysyncinstance.py
index 7d1351ccc..f593b7134 100644
--- a/ipaserver/install/dnskeysyncinstance.py
+++ b/ipaserver/install/dnskeysyncinstance.py
@@ -89,9 +89,9 @@ class DNSKeySyncInstance(service.Service):
self.named_gid = self.__get_named_gid()
if not os.path.exists(paths.BIND_LDAP_DNS_IPA_WORKDIR):
- os.mkdir(paths.BIND_LDAP_DNS_IPA_WORKDIR, 0770)
+ os.mkdir(paths.BIND_LDAP_DNS_IPA_WORKDIR, 0o770)
# dnssec daemons require to have access into the directory
- os.chmod(paths.BIND_LDAP_DNS_IPA_WORKDIR, 0770)
+ os.chmod(paths.BIND_LDAP_DNS_IPA_WORKDIR, 0o770)
os.chown(paths.BIND_LDAP_DNS_IPA_WORKDIR, self.named_uid,
self.named_gid)
@@ -200,7 +200,7 @@ class DNSKeySyncInstance(service.Service):
# create dnssec directory
if not os.path.exists(paths.IPA_DNSSEC_DIR):
self.logger.debug("Creating %s directory", paths.IPA_DNSSEC_DIR)
- os.mkdir(paths.IPA_DNSSEC_DIR, 0770)
+ os.mkdir(paths.IPA_DNSSEC_DIR, 0o770)
# chown ods:named
os.chown(paths.IPA_DNSSEC_DIR, self.ods_uid, self.named_gid)
@@ -245,7 +245,7 @@ class DNSKeySyncInstance(service.Service):
paths.DNSSEC_TOKENS_DIR)
# sticky bit is required by daemon
os.mkdir(paths.DNSSEC_TOKENS_DIR)
- os.chmod(paths.DNSSEC_TOKENS_DIR, 0770 | stat.S_ISGID)
+ os.chmod(paths.DNSSEC_TOKENS_DIR, 0o770 | stat.S_ISGID)
# chown to ods:named
os.chown(paths.DNSSEC_TOKENS_DIR, self.ods_uid, self.named_gid)
@@ -261,7 +261,7 @@ class DNSKeySyncInstance(service.Service):
named_fd.truncate(0)
named_fd.write(pin)
named_fd.close()
- os.chmod(paths.DNSSEC_SOFTHSM_PIN, 0770)
+ os.chmod(paths.DNSSEC_SOFTHSM_PIN, 0o770)
# chown to ods:named
os.chown(paths.DNSSEC_SOFTHSM_PIN, self.ods_uid, self.named_gid)
@@ -272,7 +272,7 @@ class DNSKeySyncInstance(service.Service):
named_fd.write(pin_so)
named_fd.close()
# owner must be root
- os.chmod(paths.DNSSEC_SOFTHSM_PIN_SO, 0400)
+ os.chmod(paths.DNSSEC_SOFTHSM_PIN_SO, 0o400)
# initialize SoftHSM
@@ -398,12 +398,12 @@ class DNSKeySyncInstance(service.Service):
for (root, dirs, files) in os.walk(paths.DNSSEC_TOKENS_DIR):
for directory in dirs:
dir_path = os.path.join(root, directory)
- os.chmod(dir_path, 0770 | stat.S_ISGID)
+ os.chmod(dir_path, 0o770 | stat.S_ISGID)
# chown to ods:named
os.chown(dir_path, self.ods_uid, self.named_gid)
for filename in files:
file_path = os.path.join(root, filename)
- os.chmod(file_path, 0770 | stat.S_ISGID)
+ os.chmod(file_path, 0o770 | stat.S_ISGID)
# chown to ods:named
os.chown(file_path, self.ods_uid, self.named_gid)
@@ -432,7 +432,7 @@ class DNSKeySyncInstance(service.Service):
# Make sure access is strictly reserved to the named user
os.chown(paths.IPA_DNSKEYSYNCD_KEYTAB, 0, self.ods_gid)
- os.chmod(paths.IPA_DNSKEYSYNCD_KEYTAB, 0440)
+ os.chmod(paths.IPA_DNSKEYSYNCD_KEYTAB, 0o440)
dns_group = DN(('cn', 'DNS Servers'), ('cn', 'privileges'),
('cn', 'pbac'), self.suffix)
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index d561ca5b6..f7360f5b4 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -425,7 +425,7 @@ class DsInstance(service.Service):
base_fd.close()
# Must be readable for dirsrv
- os.chmod(target_fname, 0440)
+ os.chmod(target_fname, 0o440)
os.chown(target_fname, pent.pw_uid, pent.pw_gid)
inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict)
@@ -463,7 +463,7 @@ class DsInstance(service.Service):
for schema_fname in IPA_SCHEMA_FILES:
target_fname = schema_dirname(self.serverid) + schema_fname
shutil.copyfile(ipautil.SHARE_DIR + schema_fname, target_fname)
- os.chmod(target_fname, 0440) # read access for dirsrv user/group
+ os.chmod(target_fname, 0o440) # read access for dirsrv user/group
os.chown(target_fname, pent.pw_uid, pent.pw_gid)
try:
@@ -472,7 +472,7 @@ class DsInstance(service.Service):
target_fname = schema_dirname(self.serverid) + "05rfc2247.ldif"
shutil.copyfile(ipautil.SHARE_DIR + "05rfc2247.ldif", target_fname)
- os.chmod(target_fname, 0440)
+ os.chmod(target_fname, 0o440)
os.chown(target_fname, pent.pw_uid, pent.pw_gid)
except IOError:
# Does not apply with newer DS releases
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index 792825621..7dcdda03d 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -186,7 +186,7 @@ class HTTPInstance(service.Service):
http_fd = open(target_fname, "w")
http_fd.write(http_txt)
http_fd.close()
- os.chmod(target_fname, 0644)
+ os.chmod(target_fname, 0o644)
target_fname = paths.HTTPD_IPA_REWRITE_CONF
http_txt = ipautil.template_file(ipautil.SHARE_DIR + "ipa-rewrite.conf", self.sub_dict)
@@ -194,7 +194,7 @@ class HTTPInstance(service.Service):
http_fd = open(target_fname, "w")
http_fd.write(http_txt)
http_fd.close()
- os.chmod(target_fname, 0644)
+ os.chmod(target_fname, 0o644)
def change_mod_nss_port_from_http(self):
# mod_ssl enforces SSLEngine on for vhost on 443 even though
@@ -301,10 +301,10 @@ class HTTPInstance(service.Service):
db.create_signing_cert("Signing-Cert", "Object Signing Cert", ca_db)
# Fix the database permissions
- os.chmod(certs.NSS_DIR + "/cert8.db", 0660)
- os.chmod(certs.NSS_DIR + "/key3.db", 0660)
- os.chmod(certs.NSS_DIR + "/secmod.db", 0660)
- os.chmod(certs.NSS_DIR + "/pwdfile.txt", 0660)
+ os.chmod(certs.NSS_DIR + "/cert8.db", 0o660)
+ os.chmod(certs.NSS_DIR + "/key3.db", 0o660)
+ os.chmod(certs.NSS_DIR + "/secmod.db", 0o660)
+ os.chmod(certs.NSS_DIR + "/pwdfile.txt", 0o660)
pent = pwd.getpwnam("apache")
os.chown(certs.NSS_DIR + "/cert8.db", 0, pent.pw_gid )
@@ -325,7 +325,7 @@ class HTTPInstance(service.Service):
ipautil.copy_template_file(
ipautil.SHARE_DIR + "preferences.html.template",
target_fname, self.sub_dict)
- os.chmod(target_fname, 0644)
+ os.chmod(target_fname, 0o644)
# The signing cert is generated in __setup_ssl
db = certs.CertDB(self.realm, subject_base=self.subject_base)
@@ -342,7 +342,7 @@ class HTTPInstance(service.Service):
"-e", ".html", "-p", pwd,
tmpdir])
shutil.rmtree(tmpdir)
- os.chmod(target_fname, 0644)
+ os.chmod(target_fname, 0o644)
else:
root_logger.warning('Object-signing certificate was not found; '
'therefore, configure.jar was not created.')
@@ -361,7 +361,7 @@ class HTTPInstance(service.Service):
ipautil.copy_template_file(ipautil.SHARE_DIR + "krb.js.template",
target_fname, sub_dict)
- os.chmod(target_fname, 0644)
+ os.chmod(target_fname, 0o644)
# Setup extension
tmpdir = tempfile.mkdtemp(prefix="tmp-")
@@ -380,7 +380,7 @@ class HTTPInstance(service.Service):
ipautil.run([paths.ZIP, '-r', target_fname] + filenames,
cwd=extdir)
shutil.rmtree(tmpdir)
- os.chmod(target_fname, 0644)
+ os.chmod(target_fname, 0o644)
def __publish_ca_cert(self):
ca_db = certs.CertDB(self.realm)
@@ -441,7 +441,7 @@ class HTTPInstance(service.Service):
self.fstore.backup_file(target_fname)
with open(target_fname, 'w') as f:
f.write(http_txt)
- os.chmod(target_fname, 0644)
+ os.chmod(target_fname, 0o644)
def uninstall(self):
if self.is_configured():
diff --git a/ipaserver/install/ipa_backup.py b/ipaserver/install/ipa_backup.py
index f7e032ae5..685c618d8 100644
--- a/ipaserver/install/ipa_backup.py
+++ b/ipaserver/install/ipa_backup.py
@@ -263,9 +263,9 @@ class Backup(admintool.AdminTool):
self.top_dir = tempfile.mkdtemp("ipa")
os.chown(self.top_dir, pent.pw_uid, pent.pw_gid)
- os.chmod(self.top_dir, 0750)
+ os.chmod(self.top_dir, 0o750)
self.dir = os.path.join(self.top_dir, "ipa")
- os.mkdir(self.dir, 0750)
+ os.mkdir(self.dir, 0o750)
os.chown(self.dir, pent.pw_uid, pent.pw_gid)
@@ -554,7 +554,7 @@ class Backup(admintool.AdminTool):
backup_dir = os.path.join(paths.IPA_BACKUP_DIR, time.strftime('ipa-full-%Y-%m-%d-%H-%M-%S'))
filename = os.path.join(backup_dir, "ipa-full.tar")
- os.mkdir(backup_dir, 0700)
+ os.mkdir(backup_dir, 0o700)
cwd = os.getcwd()
os.chdir(self.dir)
@@ -585,7 +585,7 @@ class Backup(admintool.AdminTool):
if instance != 'PKI-IPA':
return os.path.join(paths.VAR_LIB_DIRSRV, 'scripts-%s' % instance)
else:
- if sys.maxsize > 2**32L:
+ if sys.maxsize > 2**32:
libpath = 'lib64'
else:
libpath = 'lib'
diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py
index 5246f5f54..55cdb8ad2 100644
--- a/ipaserver/install/ipa_replica_prepare.py
+++ b/ipaserver/install/ipa_replica_prepare.py
@@ -345,7 +345,7 @@ class ReplicaPrepare(admintool.AdminTool):
self.top_dir = tempfile.mkdtemp("ipa")
self.dir = os.path.join(self.top_dir, "realm_info")
- os.mkdir(self.dir, 0700)
+ os.mkdir(self.dir, 0o700)
try:
self.copy_ds_certificate()
@@ -475,7 +475,7 @@ class ReplicaPrepare(admintool.AdminTool):
ipautil.encrypt_file(
replicafile, encfile, self.dirman_password, self.top_dir)
- os.chmod(encfile, 0600)
+ os.chmod(encfile, 0o600)
installutils.remove_file(replicafile)
diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py
index 528a6daf0..62b31c580 100644
--- a/ipaserver/install/ipa_restore.py
+++ b/ipaserver/install/ipa_restore.py
@@ -57,10 +57,10 @@ def recursive_chown(path, uid, gid):
for root, dirs, files in os.walk(path):
for dir in dirs:
os.chown(os.path.join(root, dir), uid, gid)
- os.chmod(os.path.join(root, dir), 0750)
+ os.chmod(os.path.join(root, dir), 0o750)
for file in files:
os.chown(os.path.join(root, file), uid, gid)
- os.chmod(os.path.join(root, file), 0640)
+ os.chmod(os.path.join(root, file), 0o640)
def decrypt_file(tmpdir, filename, keyring):
@@ -290,9 +290,9 @@ class Restore(admintool.AdminTool):
# Temporary directory for decrypting files before restoring
self.top_dir = tempfile.mkdtemp("ipa")
os.chown(self.top_dir, pent.pw_uid, pent.pw_gid)
- os.chmod(self.top_dir, 0750)
+ os.chmod(self.top_dir, 0o750)
self.dir = os.path.join(self.top_dir, "ipa")
- os.mkdir(self.dir, 0750)
+ os.mkdir(self.dir, 0o750)
os.chown(self.dir, pent.pw_uid, pent.pw_gid)
@@ -512,7 +512,7 @@ class Restore(admintool.AdminTool):
if not os.path.exists(ldifdir):
pent = pwd.getpwnam(DS_USER)
- os.mkdir(ldifdir, 0770)
+ os.mkdir(ldifdir, 0o770)
os.chown(ldifdir, pent.pw_uid, pent.pw_gid)
ipautil.backup_file(ldiffile)
@@ -733,7 +733,7 @@ class Restore(admintool.AdminTool):
if instance != 'PKI-IPA':
return os.path.join(paths.VAR_LIB_DIRSRV, 'scripts-%s' % instance)
else:
- if sys.maxsize > 2**32L:
+ if sys.maxsize > 2**32:
libpath = 'lib64'
else:
libpath = 'lib'
@@ -770,7 +770,7 @@ class Restore(admintool.AdminTool):
for dir in dirs:
try:
self.log.debug('Creating %s' % dir)
- os.mkdir(dir, 0770)
+ os.mkdir(dir, 0o770)
os.chown(dir, pent.pw_uid, pent.pw_gid)
tasks.restore_context(dir)
except Exception, e:
diff --git a/ipaserver/install/ipa_server_certinstall.py b/ipaserver/install/ipa_server_certinstall.py
index 2e3e34a5e..d1c3bfd9d 100644
--- a/ipaserver/install/ipa_server_certinstall.py
+++ b/ipaserver/install/ipa_server_certinstall.py
@@ -147,9 +147,9 @@ class ServerCertInstall(admintool.AdminTool):
'NSSNickname', server_cert)
# Fix the database permissions
- os.chmod(os.path.join(dirname, 'cert8.db'), 0640)
- os.chmod(os.path.join(dirname, 'key3.db'), 0640)
- os.chmod(os.path.join(dirname, 'secmod.db'), 0640)
+ os.chmod(os.path.join(dirname, 'cert8.db'), 0o640)
+ os.chmod(os.path.join(dirname, 'key3.db'), 0o640)
+ os.chmod(os.path.join(dirname, 'secmod.db'), 0o640)
pent = pwd.getpwnam("apache")
os.chown(os.path.join(dirname, 'cert8.db'), 0, pent.pw_gid)
diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index 648fc7601..b34d00601 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -317,7 +317,7 @@ class KrbInstance(service.Service):
def __add_default_acis(self):
self._ldap_mod("default-aci.ldif", self.sub_dict)
- def __template_file(self, path, chmod=0644):
+ def __template_file(self, path, chmod=0o644):
template = os.path.join(ipautil.SHARE_DIR, os.path.basename(path) + ".template")
conf = ipautil.template_file(template, self.sub_dict)
self.fstore.backup_file(path)
@@ -399,7 +399,7 @@ class KrbInstance(service.Service):
# Make sure access is strictly reserved to root only for now
os.chown(paths.KRB5_KEYTAB, 0, 0)
- os.chmod(paths.KRB5_KEYTAB, 0600)
+ os.chmod(paths.KRB5_KEYTAB, 0o600)
self.move_service_to_host(host_principal)
diff --git a/ipaserver/install/odsexporterinstance.py b/ipaserver/install/odsexporterinstance.py
index c37095cfc..51b0f3efc 100644
--- a/ipaserver/install/odsexporterinstance.py
+++ b/ipaserver/install/odsexporterinstance.py
@@ -108,7 +108,7 @@ class ODSExporterInstance(service.Service):
dns_exporter_principal_dn = p
# Make sure access is strictly reserved to the ods user
- os.chmod(paths.IPA_ODS_EXPORTER_KEYTAB, 0440)
+ os.chmod(paths.IPA_ODS_EXPORTER_KEYTAB, 0o440)
os.chown(paths.IPA_ODS_EXPORTER_KEYTAB, 0, self.ods_gid)
dns_group = DN(('cn', 'DNS Servers'), ('cn', 'privileges'),
diff --git a/ipaserver/install/opendnssecinstance.py b/ipaserver/install/opendnssecinstance.py
index 0f1af828e..a62fa667c 100644
--- a/ipaserver/install/opendnssecinstance.py
+++ b/ipaserver/install/opendnssecinstance.py
@@ -212,24 +212,24 @@ class OpenDNSSECInstance(service.Service):
for (root, dirs, files) in os.walk(paths.ETC_OPENDNSSEC_DIR):
for directory in dirs:
dir_path = os.path.join(root, directory)
- os.chmod(dir_path, 0770)
+ os.chmod(dir_path, 0o770)
# chown to root:ods
os.chown(dir_path, 0, self.ods_gid)
for filename in files:
file_path = os.path.join(root, filename)
- os.chmod(file_path, 0660)
+ os.chmod(file_path, 0o660)
# chown to root:ods
os.chown(file_path, 0, self.ods_gid)
for (root, dirs, files) in os.walk(paths.VAR_OPENDNSSEC_DIR):
for directory in dirs:
dir_path = os.path.join(root, directory)
- os.chmod(dir_path, 0770)
+ os.chmod(dir_path, 0o770)
# chown to ods:ods
os.chown(dir_path, self.ods_uid, self.ods_gid)
for filename in files:
file_path = os.path.join(root, filename)
- os.chmod(file_path, 0660)
+ os.chmod(file_path, 0o660)
# chown to ods:ods
os.chown(file_path, self.ods_uid, self.ods_gid)
@@ -250,11 +250,11 @@ class OpenDNSSECInstance(service.Service):
for (root, dirs, files) in os.walk(paths.DNSSEC_TOKENS_DIR):
for directory in dirs:
dir_path = os.path.join(root, directory)
- os.chmod(dir_path, 0770 | stat.S_ISGID)
+ os.chmod(dir_path, 0o770 | stat.S_ISGID)
os.chown(dir_path, self.ods_uid, self.named_gid) # chown to ods:named
for filename in files:
file_path = os.path.join(root, filename)
- os.chmod(file_path, 0770 | stat.S_ISGID)
+ os.chmod(file_path, 0o770 | stat.S_ISGID)
os.chown(file_path, self.ods_uid, self.named_gid) # chown to ods:named
finally:
@@ -276,7 +276,7 @@ class OpenDNSSECInstance(service.Service):
# privileges
shutil.copy(self.kasp_db_file, paths.OPENDNSSEC_KASP_DB)
os.chown(paths.OPENDNSSEC_KASP_DB, self.ods_uid, self.ods_gid)
- os.chmod(paths.OPENDNSSEC_KASP_DB, 0660)
+ os.chmod(paths.OPENDNSSEC_KASP_DB, 0o660)
# regenerate zonelist.xml
ods_enforcerd = services.knownservices.ods_enforcerd
@@ -287,7 +287,7 @@ class OpenDNSSECInstance(service.Service):
zonelistf.write(stdout)
os.chown(paths.OPENDNSSEC_ZONELIST_FILE,
self.ods_uid, self.ods_gid)
- os.chmod(paths.OPENDNSSEC_ZONELIST_FILE, 0660)
+ os.chmod(paths.OPENDNSSEC_ZONELIST_FILE, 0o660)
else:
# initialize new kasp.db
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index b9bf3f34b..015050aa7 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -580,7 +580,7 @@ def install_check(installer):
fd.close()
# Must be readable for everyone
- os.chmod(target_fname, 0644)
+ os.chmod(target_fname, 0o644)
system_hostname = get_fqdn()
if host_name != system_hostname:
@@ -770,7 +770,7 @@ def install(installer):
else:
# Put the CA cert where other instances expect it
x509.write_certificate(http_ca_cert, CACERT)
- os.chmod(CACERT, 0444)
+ os.chmod(CACERT, 0o444)
# we now need to enable ssl on the ds
ds.enable_ssl()
@@ -821,7 +821,7 @@ def install(installer):
# Export full CA chain
ca_db = certs.CertDB(realm_name)
- os.chmod(CACERT, 0644)
+ os.chmod(CACERT, 0o644)
ca_db.publish_ca_cert(CACERT)
set_subject_in_config(realm_name, dm_password,
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 1ad291a1e..a0ae53438 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -105,7 +105,7 @@ def install_ca_cert(ldap, base_dn, realm, cafile):
certs = [c[0] for c in certs if c[2] is not False]
x509.write_certificate_list(certs, constants.CACERT)
- os.chmod(constants.CACERT, 0444)
+ os.chmod(constants.CACERT, 0o444)
except Exception, e:
print "error copying files: " + str(e)
sys.exit(1)
@@ -358,7 +358,7 @@ def install_check(installer):
# Create the management framework config file
# Note: We must do this before bootstraping and finalizing ipalib.api
- old_umask = os.umask(022) # must be readable for httpd
+ old_umask = os.umask(0o22) # must be readable for httpd
try:
fd = open(paths.IPA_DEFAULT_CONF, "w")
fd.write("[global]\n")
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
index f295655dc..a342642b0 100644
--- a/ipaserver/install/server/upgrade.py
+++ b/ipaserver/install/server/upgrade.py
@@ -175,7 +175,7 @@ def check_certs():
if not os.path.exists(paths.CA_CRT):
ca_file = paths.ALIAS_CACERT_ASC
if os.path.exists(ca_file):
- old_umask = os.umask(022) # make sure its readable by httpd
+ old_umask = os.umask(0o22) # make sure its readable by httpd
try:
shutil.copyfile(ca_file, paths.CA_CRT)
finally:
diff --git a/ipatests/test_ipaserver/test_otptoken_import.py b/ipatests/test_ipaserver/test_otptoken_import.py
index 84df0e2a6..c8818a01e 100644
--- a/ipatests/test_ipaserver/test_otptoken_import.py
+++ b/ipatests/test_ipaserver/test_otptoken_import.py
@@ -40,7 +40,7 @@ class test_otptoken_import(object):
'ipatokenotpkey': u'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ',
'ipatokenvendor': u'Manufacturer',
'ipatokenserial': u'987654321',
- 'ipatokenhotpcounter': 0L,
+ 'ipatokenhotpcounter': 0,
'ipatokenotpdigits': 8,
'type': u'hotp',
})]
@@ -76,7 +76,7 @@ class test_otptoken_import(object):
'ipatokenotpkey': u'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ',
'ipatokenvendor': u'Manufacturer',
'ipatokenserial': u'987654321',
- 'ipatokenhotpcounter': 0L,
+ 'ipatokenhotpcounter': 0,
'ipatokenotpdigits': 8,
'type': u'hotp'})]
finally:
@@ -147,7 +147,7 @@ class test_otptoken_import(object):
'ipatokenvendor': u'iana.dummy',
'description': u'FriendlyName',
'ipatokentotptimestep': 200,
- 'ipatokenhotpcounter': 0L,
+ 'ipatokenhotpcounter': 0,
'ipatokenmodel': u'Model',
'ipatokenotpdigits': 8,
'type': u'hotp',
diff --git a/ipatests/test_xmlrpc/test_dns_plugin.py b/ipatests/test_xmlrpc/test_dns_plugin.py
index 83b5b2aec..7e5058b09 100644
--- a/ipatests/test_xmlrpc/test_dns_plugin.py
+++ b/ipatests/test_xmlrpc/test_dns_plugin.py
@@ -1832,7 +1832,7 @@ class test_dns(Declarative):
dict(
desc='Set SOA serial of zone %r to high number' % zone1,
- command=('dnszone_mod', [zone1], {'idnssoaserial': 4294967295L}),
+ command=('dnszone_mod', [zone1], {'idnssoaserial': 4294967295}),
expected={
'value': zone1_absolute_dnsname,
'summary': None,