diff options
Diffstat (limited to 'base/server/upgrade/10.4.0')
| -rwxr-xr-x | base/server/upgrade/10.4.0/04-AddExternalProcessConstraintToRegistry | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/base/server/upgrade/10.4.0/04-AddExternalProcessConstraintToRegistry b/base/server/upgrade/10.4.0/04-AddExternalProcessConstraintToRegistry new file mode 100755 index 000000000..a9ee00aec --- /dev/null +++ b/base/server/upgrade/10.4.0/04-AddExternalProcessConstraintToRegistry @@ -0,0 +1,67 @@ +#!/usr/bin/python +# Authors: +# Fraser Tweedale <ftweedal@redhat.com> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Copyright (C) 2017 Red Hat, Inc. +# All rights reserved. + +from __future__ import absolute_import +import os.path + +import pki +from pki.server.upgrade import PKIServerUpgradeScriptlet + + +class AddExternalProcessConstraintToRegistry(PKIServerUpgradeScriptlet): + + new_config = { + 'constraintPolicy.externalProcessConstraintImpl.class': + 'com.netscape.cms.profile.constraint.ExternalProcessConstraint', + 'constraintPolicy.externalProcessConstraintImpl.desc': + 'External Process Constraint', + 'constraintPolicy.externalProcessConstraintImpl.name': + 'External Process Constraint', + } + + constraint_name = 'externalProcessConstraintImpl' + + def __init__(self): + super(AddExternalProcessConstraintToRegistry, self).__init__() + self.message = 'Add ExternalProcessConstraint to registry' + + def upgrade_subsystem(self, instance, subsystem): + if subsystem.name == 'ca': + self.add_new_entries(instance, subsystem) + + def add_new_entries(self, instance, subsystem): # pylint: disable=W0613 + filename = os.path.join(subsystem.conf_dir, 'registry.cfg') + self.backup(filename) + + properties = pki.PropertyFile(filename) + properties.read() + + # add constraint to constraint list + constraints = properties.get('constraintPolicy.ids').split(',') + if self.constraint_name in constraints: + return # update not required + + constraints.append(self.constraint_name) + properties.set('constraintPolicy.ids', ','.join(constraints)) + + for k, v in self.new_config.items(): + properties.set(k, v) + + properties.write() |