install: drop support for Dogtag 9

Dogtag 9 CA and CA DS install and uninstall code was removed. Existing Dogtag 9 CA and CA DS instances are disabled on upgrade. Creating a replica of a Dogtag 9 IPA master is still supported. https://fedorahosted.org/freeipa/ticket/5197 Reviewed-By: David Kupka <dkupka@redhat.com>
author: Jan Cholasta <jcholast@redhat.com> 2015-11-09 18:28:47 +0100
committer: Jan Cholasta <jcholast@redhat.com> 2015-11-25 09:12:25 +0100
commit: aeffe2da42734655cbaedb2c4d4f9e28bd2df1c0 (patch)
tree: 302b9ef0c8d4afbccc141f4f4b68a42295542cd8 /install/restart_scripts
parent: 5427e7a8c7216b0aa54159a668951d71fb009139 (diff)
download: freeipa-aeffe2da42734655cbaedb2c4d4f9e28bd2df1c0.tar.gz
freeipa-aeffe2da42734655cbaedb2c4d4f9e28bd2df1c0.tar.xz
freeipa-aeffe2da42734655cbaedb2c4d4f9e28bd2df1c0.zip
2 files changed, 10 insertions, 16 deletions
diff --git a/install/restart_scripts/renew_ca_cert b/install/restart_scripts/renew_ca_cert
index 8ad0473b5..5f8646860 100644
--- a/install/restart_scripts/renew_ca_cert
+++ b/install/restart_scripts/renew_ca_cert
@@ -27,7 +27,7 @@ import tempfile
 import shutil
 import traceback
 
-from ipapython import dogtag, ipautil
+from ipapython import ipautil
 from ipapython.dn import DN
 from ipalib import api, errors, x509, certstore
 from ipaserver.install import certs, cainstance, installutils
@@ -42,20 +42,17 @@ def _main():
     api.bootstrap(context='restart')
     api.finalize()
 
-    configured_constants = dogtag.configured_constants(api)
-    alias_dir = configured_constants.ALIAS_DIR
-    dogtag_service = services.knownservices[configured_constants.SERVICE_NAME]
-    dogtag_instance = configured_constants.PKI_INSTANCE_NAME
+    dogtag_service = services.knownservices['pki_tomcatd']
 
     # dogtag opens its NSS database in read/write mode so we need it
     # shut down so certmonger can open it read/write mode. This avoids
     # database corruption. It should already be stopped by the pre-command
     # but lets be sure.
-    if dogtag_service.is_running(dogtag_instance):
+    if dogtag_service.is_running('pki-tomcat'):
         syslog.syslog(
             syslog.LOG_NOTICE, "Stopping %s" % dogtag_service.service_name)
         try:
-            dogtag_service.stop(dogtag_instance)
+            dogtag_service.stop('pki-tomcat')
         except Exception as e:
             syslog.syslog(
                 syslog.LOG_ERR,
@@ -65,7 +62,7 @@ def _main():
                 syslog.LOG_NOTICE, "Stopped %s" % dogtag_service.service_name)
 
     # Fetch the new certificate
-    db = certs.CertDB(api.env.realm, nssdir=alias_dir)
+    db = certs.CertDB(api.env.realm, nssdir=paths.PKI_TOMCAT_ALIAS_DIR)
     cert = db.get_cert_from_db(nickname, pem=False)
     if not cert:
         syslog.syslog(syslog.LOG_ERR, 'No certificate %s found.' % nickname)
@@ -79,7 +76,7 @@ def _main():
         os.environ['KRB5CCNAME'] = ccache_filename
 
         ca = cainstance.CAInstance(host_name=api.env.host, ldapi=False)
-        ca.update_cert_config(nickname, cert, configured_constants)
+        ca.update_cert_config(nickname, cert)
         if ca.is_renewal_master():
             cainstance.update_people_entry(cert)
 
@@ -100,7 +97,7 @@ def _main():
                     (nickname, db.secdir))
         elif nickname == 'caSigningCert cert-pki-ca':
             # Update CS.cfg
-            cfg_path = configured_constants.CS_CFG_PATH
+            cfg_path = paths.CA_CS_CFG_PATH
             config = installutils.get_directive(
                 cfg_path, 'subsystem.select', '=')
             if config == 'New':
@@ -203,7 +200,7 @@ def _main():
         syslog.LOG_NOTICE,
         'Starting %s' % dogtag_service.service_name)
     try:
-        dogtag_service.start(dogtag_instance)
+        dogtag_service.start('pki-tomcat')
     except Exception as e:
         syslog.syslog(
             syslog.LOG_ERR,
diff --git a/install/restart_scripts/stop_pkicad b/install/restart_scripts/stop_pkicad
index 7a238706d..22d492012 100644
--- a/install/restart_scripts/stop_pkicad
+++ b/install/restart_scripts/stop_pkicad
@@ -22,7 +22,6 @@
 import sys
 import syslog
 import traceback
-from ipapython import dogtag
 from ipalib import api
 from ipaplatform import services
 from ipaserver.install import certs
@@ -32,15 +31,13 @@ def main():
     api.bootstrap(context='restart')
     api.finalize()
 
-    configured_constants = dogtag.configured_constants(api)
-    dogtag_service = services.knownservices[configured_constants.SERVICE_NAME]
-    dogtag_instance = configured_constants.PKI_INSTANCE_NAME
+    dogtag_service = services.knownservices['pki_tomcatd']
 
     certs.renewal_lock.acquire('renew_ca_cert')
 
     syslog.syslog(syslog.LOG_NOTICE, "Stopping %s" % dogtag_service.service_name)
     try:
-        dogtag_service.stop(dogtag_instance)
+        dogtag_service.stop('pki-tomcat')
     except Exception as e:
         syslog.syslog(
             syslog.LOG_ERR, "Cannot stop %s: %s" % (dogtag_service.service_name, e))
author	Jan Cholasta <jcholast@redhat.com>	2015-11-09 18:28:47 +0100
committer	Jan Cholasta <jcholast@redhat.com>	2015-11-25 09:12:25 +0100
commit	aeffe2da42734655cbaedb2c4d4f9e28bd2df1c0 (patch)
tree	302b9ef0c8d4afbccc141f4f4b68a42295542cd8 /install/restart_scripts
parent	5427e7a8c7216b0aa54159a668951d71fb009139 (diff)
download	freeipa-aeffe2da42734655cbaedb2c4d4f9e28bd2df1c0.tar.gz freeipa-aeffe2da42734655cbaedb2c4d4f9e28bd2df1c0.tar.xz freeipa-aeffe2da42734655cbaedb2c4d4f9e28bd2df1c0.zip