Fixed KRA install problem.branch-10.2.7-dev1

Currently when installing an additional subsystem to an existing
instance the install tool always generates a new random password in
the pki_pin property which would not work with the existing NSS
database. The code has been modified to load the existing NSS
database password from the instance if the instance already exists.

The PKIInstance class has been modified to allow loading partially
created instance to help the installation.

https://fedorahosted.org/pki/ticket/2247

1 files changed, 29 insertions, 25 deletions

diff --git a/base/server/python/pki/server/__init__.py b/base/server/python/pki/server/__init__.py
index 27746cf25..ee237b673 100644
--- a/base/server/python/pki/server/__init__.py
+++ b/base/server/python/pki/server/__init__.py
@@ -425,42 +425,46 @@ class PKIInstance(object):
 
     def load(self):
         # load UID and GID
-        with open(self.registry_file, 'r') as registry:
-            lines = registry.readlines()
+        if os.path.exists(self.registry_file):
 
-        for line in lines:
+            with open(self.registry_file, 'r') as registry:
+                lines = registry.readlines()
 
-            m = re.search('^PKI_USER=(.*)$', line)
-            if m:
-                self.user = m.group(1)
-                self.uid = pwd.getpwnam(self.user).pw_uid
+            for line in lines:
+                m = re.search('^PKI_USER=(.*)$', line)
+                if m:
+                    self.user = m.group(1)
+                    self.uid = pwd.getpwnam(self.user).pw_uid
 
-            m = re.search('^PKI_GROUP=(.*)$', line)
-            if m:
-                self.group = m.group(1)
-                self.gid = grp.getgrnam(self.group).gr_gid
+                m = re.search('^PKI_GROUP=(.*)$', line)
+                if m:
+                    self.group = m.group(1)
+                    self.gid = grp.getgrnam(self.group).gr_gid
 
         # load passwords
         self.passwords.clear()
-        lines = open(self.password_conf).read().splitlines()
+        if os.path.exists(self.password_conf):
 
-        for line in lines:
-            parts = line.split('=', 1)
-            name = parts[0]
-            value = parts[1]
-            self.passwords[name] = value
+            lines = open(self.password_conf).read().splitlines()
+
+            for line in lines:
+                parts = line.split('=', 1)
+                name = parts[0]
+                value = parts[1]
+                self.passwords[name] = value
 
         self.load_external_certs(self.external_certs_conf)
 
         # load subsystems
-        for subsystem_name in os.listdir(self.registry_dir):
-            if subsystem_name in SUBSYSTEM_TYPES:
-                if subsystem_name in SUBSYSTEM_CLASSES:
-                    subsystem = SUBSYSTEM_CLASSES[subsystem_name](self)
-                else:
-                    subsystem = PKISubsystem(self, subsystem_name)
-                subsystem.load()
-                self.subsystems.append(subsystem)
+        if os.path.exists(self.registry_dir):
+            for subsystem_name in os.listdir(self.registry_dir):
+                if subsystem_name in SUBSYSTEM_TYPES:
+                    if subsystem_name in SUBSYSTEM_CLASSES:
+                        subsystem = SUBSYSTEM_CLASSES[subsystem_name](self)
+                    else:
+                        subsystem = PKISubsystem(self, subsystem_name)
+                    subsystem.load()
+                    self.subsystems.append(subsystem)
 
     def load_external_certs(self, conf_file):
         self.external_certs = PKIInstance.read_external_certs(conf_file)