diff options
author | Petr Viktorin <pviktori@redhat.com> | 2015-07-15 16:38:06 +0200 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2015-07-31 15:22:19 +0200 |
commit | b8c46f2a32d0d8c2dc6ef0867f85f63cf076a004 (patch) | |
tree | 28e52d8fe2e3531e226d8c2249d6b7216f80bf48 /ipaserver/install | |
parent | a908be2785d4388e3c97c7cd543c817c527d73c9 (diff) | |
download | freeipa-b8c46f2a32d0d8c2dc6ef0867f85f63cf076a004.tar.gz freeipa-b8c46f2a32d0d8c2dc6ef0867f85f63cf076a004.tar.xz freeipa-b8c46f2a32d0d8c2dc6ef0867f85f63cf076a004.zip |
Modernize number literals
Use Python-3 compatible syntax, without breaking compatibility with py 2.7
- Octals literals start with 0o to prevent confusion
- The "L" at the end of large int literals is not required as they use
long on Python 2 automatically.
- Using 'int' instead of 'long' for small numbers is OK in all cases except
strict type checking checking, e.g. type(0).
https://fedorahosted.org/freeipa/ticket/4985
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaserver/install')
-rw-r--r-- | ipaserver/install/bindinstance.py | 2 | ||||
-rw-r--r-- | ipaserver/install/cainstance.py | 10 | ||||
-rw-r--r-- | ipaserver/install/certs.py | 4 | ||||
-rw-r--r-- | ipaserver/install/dnskeysyncinstance.py | 18 | ||||
-rw-r--r-- | ipaserver/install/dsinstance.py | 6 | ||||
-rw-r--r-- | ipaserver/install/httpinstance.py | 22 | ||||
-rw-r--r-- | ipaserver/install/ipa_backup.py | 8 | ||||
-rw-r--r-- | ipaserver/install/ipa_replica_prepare.py | 4 | ||||
-rw-r--r-- | ipaserver/install/ipa_restore.py | 14 | ||||
-rw-r--r-- | ipaserver/install/ipa_server_certinstall.py | 6 | ||||
-rw-r--r-- | ipaserver/install/krbinstance.py | 4 | ||||
-rw-r--r-- | ipaserver/install/odsexporterinstance.py | 2 | ||||
-rw-r--r-- | ipaserver/install/opendnssecinstance.py | 16 | ||||
-rw-r--r-- | ipaserver/install/server/install.py | 6 | ||||
-rw-r--r-- | ipaserver/install/server/replicainstall.py | 4 | ||||
-rw-r--r-- | ipaserver/install/server/upgrade.py | 2 |
16 files changed, 64 insertions, 64 deletions
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 9705e845a..6d3470373 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -922,7 +922,7 @@ class BindInstance(service.Service): # Make sure access is strictly reserved to the named user pent = pwd.getpwnam(self.named_user) os.chown(paths.NAMED_KEYTAB, pent.pw_uid, pent.pw_gid) - os.chmod(paths.NAMED_KEYTAB, 0400) + os.chmod(paths.NAMED_KEYTAB, 0o400) # modify the principal so that it is marked as an ipa service so that # it can host the memberof attribute, then also add it to the diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 5fd3017e1..c1fa1fc27 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -1090,9 +1090,9 @@ class CAInstance(DogtagInstance): raise RuntimeError("Unable to submit RA cert request") def fix_ra_perms(self): - os.chmod(self.ra_agent_db + "/cert8.db", 0640) - os.chmod(self.ra_agent_db + "/key3.db", 0640) - os.chmod(self.ra_agent_db + "/secmod.db", 0640) + os.chmod(self.ra_agent_db + "/cert8.db", 0o640) + os.chmod(self.ra_agent_db + "/key3.db", 0o640) + os.chmod(self.ra_agent_db + "/secmod.db", 0o640) pent = pwd.getpwnam("apache") os.chown(self.ra_agent_db + "/cert8.db", 0, pent.pw_gid ) @@ -1116,7 +1116,7 @@ class CAInstance(DogtagInstance): if not os.path.exists(publishdir): os.mkdir(publishdir) - os.chmod(publishdir, 0775) + os.chmod(publishdir, 0o775) pent = pwd.getpwnam(PKI_USER) os.chown(publishdir, 0, pent.pw_gid) @@ -1252,7 +1252,7 @@ class CAInstance(DogtagInstance): fd = open(location, "w+") fd.write(cert) fd.close() - os.chmod(location, 0444) + os.chmod(location, 0o444) def configure_certmonger_renewal(self): diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py index 564332e6f..e8084950e 100644 --- a/ipaserver/install/certs.py +++ b/ipaserver/install/certs.py @@ -293,7 +293,7 @@ class CertDB(object): /usr/lib[64]/ipa/certmonger. """ if command is not None and not os.path.isabs(command): - if sys.maxsize > 2**32L: + if sys.maxsize > 2**32: libpath = 'lib64' else: libpath = 'lib' @@ -647,7 +647,7 @@ class CertDB(object): def publish_ca_cert(self, location): shutil.copy(self.cacert_fname, location) - os.chmod(location, 0444) + os.chmod(location, 0o444) def export_pem_cert(self, nickname, location): return self.nssdb.export_pem_cert(nickname, location) diff --git a/ipaserver/install/dnskeysyncinstance.py b/ipaserver/install/dnskeysyncinstance.py index 7d1351ccc..f593b7134 100644 --- a/ipaserver/install/dnskeysyncinstance.py +++ b/ipaserver/install/dnskeysyncinstance.py @@ -89,9 +89,9 @@ class DNSKeySyncInstance(service.Service): self.named_gid = self.__get_named_gid() if not os.path.exists(paths.BIND_LDAP_DNS_IPA_WORKDIR): - os.mkdir(paths.BIND_LDAP_DNS_IPA_WORKDIR, 0770) + os.mkdir(paths.BIND_LDAP_DNS_IPA_WORKDIR, 0o770) # dnssec daemons require to have access into the directory - os.chmod(paths.BIND_LDAP_DNS_IPA_WORKDIR, 0770) + os.chmod(paths.BIND_LDAP_DNS_IPA_WORKDIR, 0o770) os.chown(paths.BIND_LDAP_DNS_IPA_WORKDIR, self.named_uid, self.named_gid) @@ -200,7 +200,7 @@ class DNSKeySyncInstance(service.Service): # create dnssec directory if not os.path.exists(paths.IPA_DNSSEC_DIR): self.logger.debug("Creating %s directory", paths.IPA_DNSSEC_DIR) - os.mkdir(paths.IPA_DNSSEC_DIR, 0770) + os.mkdir(paths.IPA_DNSSEC_DIR, 0o770) # chown ods:named os.chown(paths.IPA_DNSSEC_DIR, self.ods_uid, self.named_gid) @@ -245,7 +245,7 @@ class DNSKeySyncInstance(service.Service): paths.DNSSEC_TOKENS_DIR) # sticky bit is required by daemon os.mkdir(paths.DNSSEC_TOKENS_DIR) - os.chmod(paths.DNSSEC_TOKENS_DIR, 0770 | stat.S_ISGID) + os.chmod(paths.DNSSEC_TOKENS_DIR, 0o770 | stat.S_ISGID) # chown to ods:named os.chown(paths.DNSSEC_TOKENS_DIR, self.ods_uid, self.named_gid) @@ -261,7 +261,7 @@ class DNSKeySyncInstance(service.Service): named_fd.truncate(0) named_fd.write(pin) named_fd.close() - os.chmod(paths.DNSSEC_SOFTHSM_PIN, 0770) + os.chmod(paths.DNSSEC_SOFTHSM_PIN, 0o770) # chown to ods:named os.chown(paths.DNSSEC_SOFTHSM_PIN, self.ods_uid, self.named_gid) @@ -272,7 +272,7 @@ class DNSKeySyncInstance(service.Service): named_fd.write(pin_so) named_fd.close() # owner must be root - os.chmod(paths.DNSSEC_SOFTHSM_PIN_SO, 0400) + os.chmod(paths.DNSSEC_SOFTHSM_PIN_SO, 0o400) # initialize SoftHSM @@ -398,12 +398,12 @@ class DNSKeySyncInstance(service.Service): for (root, dirs, files) in os.walk(paths.DNSSEC_TOKENS_DIR): for directory in dirs: dir_path = os.path.join(root, directory) - os.chmod(dir_path, 0770 | stat.S_ISGID) + os.chmod(dir_path, 0o770 | stat.S_ISGID) # chown to ods:named os.chown(dir_path, self.ods_uid, self.named_gid) for filename in files: file_path = os.path.join(root, filename) - os.chmod(file_path, 0770 | stat.S_ISGID) + os.chmod(file_path, 0o770 | stat.S_ISGID) # chown to ods:named os.chown(file_path, self.ods_uid, self.named_gid) @@ -432,7 +432,7 @@ class DNSKeySyncInstance(service.Service): # Make sure access is strictly reserved to the named user os.chown(paths.IPA_DNSKEYSYNCD_KEYTAB, 0, self.ods_gid) - os.chmod(paths.IPA_DNSKEYSYNCD_KEYTAB, 0440) + os.chmod(paths.IPA_DNSKEYSYNCD_KEYTAB, 0o440) dns_group = DN(('cn', 'DNS Servers'), ('cn', 'privileges'), ('cn', 'pbac'), self.suffix) diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index d561ca5b6..f7360f5b4 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -425,7 +425,7 @@ class DsInstance(service.Service): base_fd.close() # Must be readable for dirsrv - os.chmod(target_fname, 0440) + os.chmod(target_fname, 0o440) os.chown(target_fname, pent.pw_uid, pent.pw_gid) inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict) @@ -463,7 +463,7 @@ class DsInstance(service.Service): for schema_fname in IPA_SCHEMA_FILES: target_fname = schema_dirname(self.serverid) + schema_fname shutil.copyfile(ipautil.SHARE_DIR + schema_fname, target_fname) - os.chmod(target_fname, 0440) # read access for dirsrv user/group + os.chmod(target_fname, 0o440) # read access for dirsrv user/group os.chown(target_fname, pent.pw_uid, pent.pw_gid) try: @@ -472,7 +472,7 @@ class DsInstance(service.Service): target_fname = schema_dirname(self.serverid) + "05rfc2247.ldif" shutil.copyfile(ipautil.SHARE_DIR + "05rfc2247.ldif", target_fname) - os.chmod(target_fname, 0440) + os.chmod(target_fname, 0o440) os.chown(target_fname, pent.pw_uid, pent.pw_gid) except IOError: # Does not apply with newer DS releases diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index 792825621..7dcdda03d 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -186,7 +186,7 @@ class HTTPInstance(service.Service): http_fd = open(target_fname, "w") http_fd.write(http_txt) http_fd.close() - os.chmod(target_fname, 0644) + os.chmod(target_fname, 0o644) target_fname = paths.HTTPD_IPA_REWRITE_CONF http_txt = ipautil.template_file(ipautil.SHARE_DIR + "ipa-rewrite.conf", self.sub_dict) @@ -194,7 +194,7 @@ class HTTPInstance(service.Service): http_fd = open(target_fname, "w") http_fd.write(http_txt) http_fd.close() - os.chmod(target_fname, 0644) + os.chmod(target_fname, 0o644) def change_mod_nss_port_from_http(self): # mod_ssl enforces SSLEngine on for vhost on 443 even though @@ -301,10 +301,10 @@ class HTTPInstance(service.Service): db.create_signing_cert("Signing-Cert", "Object Signing Cert", ca_db) # Fix the database permissions - os.chmod(certs.NSS_DIR + "/cert8.db", 0660) - os.chmod(certs.NSS_DIR + "/key3.db", 0660) - os.chmod(certs.NSS_DIR + "/secmod.db", 0660) - os.chmod(certs.NSS_DIR + "/pwdfile.txt", 0660) + os.chmod(certs.NSS_DIR + "/cert8.db", 0o660) + os.chmod(certs.NSS_DIR + "/key3.db", 0o660) + os.chmod(certs.NSS_DIR + "/secmod.db", 0o660) + os.chmod(certs.NSS_DIR + "/pwdfile.txt", 0o660) pent = pwd.getpwnam("apache") os.chown(certs.NSS_DIR + "/cert8.db", 0, pent.pw_gid ) @@ -325,7 +325,7 @@ class HTTPInstance(service.Service): ipautil.copy_template_file( ipautil.SHARE_DIR + "preferences.html.template", target_fname, self.sub_dict) - os.chmod(target_fname, 0644) + os.chmod(target_fname, 0o644) # The signing cert is generated in __setup_ssl db = certs.CertDB(self.realm, subject_base=self.subject_base) @@ -342,7 +342,7 @@ class HTTPInstance(service.Service): "-e", ".html", "-p", pwd, tmpdir]) shutil.rmtree(tmpdir) - os.chmod(target_fname, 0644) + os.chmod(target_fname, 0o644) else: root_logger.warning('Object-signing certificate was not found; ' 'therefore, configure.jar was not created.') @@ -361,7 +361,7 @@ class HTTPInstance(service.Service): ipautil.copy_template_file(ipautil.SHARE_DIR + "krb.js.template", target_fname, sub_dict) - os.chmod(target_fname, 0644) + os.chmod(target_fname, 0o644) # Setup extension tmpdir = tempfile.mkdtemp(prefix="tmp-") @@ -380,7 +380,7 @@ class HTTPInstance(service.Service): ipautil.run([paths.ZIP, '-r', target_fname] + filenames, cwd=extdir) shutil.rmtree(tmpdir) - os.chmod(target_fname, 0644) + os.chmod(target_fname, 0o644) def __publish_ca_cert(self): ca_db = certs.CertDB(self.realm) @@ -441,7 +441,7 @@ class HTTPInstance(service.Service): self.fstore.backup_file(target_fname) with open(target_fname, 'w') as f: f.write(http_txt) - os.chmod(target_fname, 0644) + os.chmod(target_fname, 0o644) def uninstall(self): if self.is_configured(): diff --git a/ipaserver/install/ipa_backup.py b/ipaserver/install/ipa_backup.py index f7e032ae5..685c618d8 100644 --- a/ipaserver/install/ipa_backup.py +++ b/ipaserver/install/ipa_backup.py @@ -263,9 +263,9 @@ class Backup(admintool.AdminTool): self.top_dir = tempfile.mkdtemp("ipa") os.chown(self.top_dir, pent.pw_uid, pent.pw_gid) - os.chmod(self.top_dir, 0750) + os.chmod(self.top_dir, 0o750) self.dir = os.path.join(self.top_dir, "ipa") - os.mkdir(self.dir, 0750) + os.mkdir(self.dir, 0o750) os.chown(self.dir, pent.pw_uid, pent.pw_gid) @@ -554,7 +554,7 @@ class Backup(admintool.AdminTool): backup_dir = os.path.join(paths.IPA_BACKUP_DIR, time.strftime('ipa-full-%Y-%m-%d-%H-%M-%S')) filename = os.path.join(backup_dir, "ipa-full.tar") - os.mkdir(backup_dir, 0700) + os.mkdir(backup_dir, 0o700) cwd = os.getcwd() os.chdir(self.dir) @@ -585,7 +585,7 @@ class Backup(admintool.AdminTool): if instance != 'PKI-IPA': return os.path.join(paths.VAR_LIB_DIRSRV, 'scripts-%s' % instance) else: - if sys.maxsize > 2**32L: + if sys.maxsize > 2**32: libpath = 'lib64' else: libpath = 'lib' diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py index 5246f5f54..55cdb8ad2 100644 --- a/ipaserver/install/ipa_replica_prepare.py +++ b/ipaserver/install/ipa_replica_prepare.py @@ -345,7 +345,7 @@ class ReplicaPrepare(admintool.AdminTool): self.top_dir = tempfile.mkdtemp("ipa") self.dir = os.path.join(self.top_dir, "realm_info") - os.mkdir(self.dir, 0700) + os.mkdir(self.dir, 0o700) try: self.copy_ds_certificate() @@ -475,7 +475,7 @@ class ReplicaPrepare(admintool.AdminTool): ipautil.encrypt_file( replicafile, encfile, self.dirman_password, self.top_dir) - os.chmod(encfile, 0600) + os.chmod(encfile, 0o600) installutils.remove_file(replicafile) diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py index 528a6daf0..62b31c580 100644 --- a/ipaserver/install/ipa_restore.py +++ b/ipaserver/install/ipa_restore.py @@ -57,10 +57,10 @@ def recursive_chown(path, uid, gid): for root, dirs, files in os.walk(path): for dir in dirs: os.chown(os.path.join(root, dir), uid, gid) - os.chmod(os.path.join(root, dir), 0750) + os.chmod(os.path.join(root, dir), 0o750) for file in files: os.chown(os.path.join(root, file), uid, gid) - os.chmod(os.path.join(root, file), 0640) + os.chmod(os.path.join(root, file), 0o640) def decrypt_file(tmpdir, filename, keyring): @@ -290,9 +290,9 @@ class Restore(admintool.AdminTool): # Temporary directory for decrypting files before restoring self.top_dir = tempfile.mkdtemp("ipa") os.chown(self.top_dir, pent.pw_uid, pent.pw_gid) - os.chmod(self.top_dir, 0750) + os.chmod(self.top_dir, 0o750) self.dir = os.path.join(self.top_dir, "ipa") - os.mkdir(self.dir, 0750) + os.mkdir(self.dir, 0o750) os.chown(self.dir, pent.pw_uid, pent.pw_gid) @@ -512,7 +512,7 @@ class Restore(admintool.AdminTool): if not os.path.exists(ldifdir): pent = pwd.getpwnam(DS_USER) - os.mkdir(ldifdir, 0770) + os.mkdir(ldifdir, 0o770) os.chown(ldifdir, pent.pw_uid, pent.pw_gid) ipautil.backup_file(ldiffile) @@ -733,7 +733,7 @@ class Restore(admintool.AdminTool): if instance != 'PKI-IPA': return os.path.join(paths.VAR_LIB_DIRSRV, 'scripts-%s' % instance) else: - if sys.maxsize > 2**32L: + if sys.maxsize > 2**32: libpath = 'lib64' else: libpath = 'lib' @@ -770,7 +770,7 @@ class Restore(admintool.AdminTool): for dir in dirs: try: self.log.debug('Creating %s' % dir) - os.mkdir(dir, 0770) + os.mkdir(dir, 0o770) os.chown(dir, pent.pw_uid, pent.pw_gid) tasks.restore_context(dir) except Exception, e: diff --git a/ipaserver/install/ipa_server_certinstall.py b/ipaserver/install/ipa_server_certinstall.py index 2e3e34a5e..d1c3bfd9d 100644 --- a/ipaserver/install/ipa_server_certinstall.py +++ b/ipaserver/install/ipa_server_certinstall.py @@ -147,9 +147,9 @@ class ServerCertInstall(admintool.AdminTool): 'NSSNickname', server_cert) # Fix the database permissions - os.chmod(os.path.join(dirname, 'cert8.db'), 0640) - os.chmod(os.path.join(dirname, 'key3.db'), 0640) - os.chmod(os.path.join(dirname, 'secmod.db'), 0640) + os.chmod(os.path.join(dirname, 'cert8.db'), 0o640) + os.chmod(os.path.join(dirname, 'key3.db'), 0o640) + os.chmod(os.path.join(dirname, 'secmod.db'), 0o640) pent = pwd.getpwnam("apache") os.chown(os.path.join(dirname, 'cert8.db'), 0, pent.pw_gid) diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py index 648fc7601..b34d00601 100644 --- a/ipaserver/install/krbinstance.py +++ b/ipaserver/install/krbinstance.py @@ -317,7 +317,7 @@ class KrbInstance(service.Service): def __add_default_acis(self): self._ldap_mod("default-aci.ldif", self.sub_dict) - def __template_file(self, path, chmod=0644): + def __template_file(self, path, chmod=0o644): template = os.path.join(ipautil.SHARE_DIR, os.path.basename(path) + ".template") conf = ipautil.template_file(template, self.sub_dict) self.fstore.backup_file(path) @@ -399,7 +399,7 @@ class KrbInstance(service.Service): # Make sure access is strictly reserved to root only for now os.chown(paths.KRB5_KEYTAB, 0, 0) - os.chmod(paths.KRB5_KEYTAB, 0600) + os.chmod(paths.KRB5_KEYTAB, 0o600) self.move_service_to_host(host_principal) diff --git a/ipaserver/install/odsexporterinstance.py b/ipaserver/install/odsexporterinstance.py index c37095cfc..51b0f3efc 100644 --- a/ipaserver/install/odsexporterinstance.py +++ b/ipaserver/install/odsexporterinstance.py @@ -108,7 +108,7 @@ class ODSExporterInstance(service.Service): dns_exporter_principal_dn = p # Make sure access is strictly reserved to the ods user - os.chmod(paths.IPA_ODS_EXPORTER_KEYTAB, 0440) + os.chmod(paths.IPA_ODS_EXPORTER_KEYTAB, 0o440) os.chown(paths.IPA_ODS_EXPORTER_KEYTAB, 0, self.ods_gid) dns_group = DN(('cn', 'DNS Servers'), ('cn', 'privileges'), diff --git a/ipaserver/install/opendnssecinstance.py b/ipaserver/install/opendnssecinstance.py index 0f1af828e..a62fa667c 100644 --- a/ipaserver/install/opendnssecinstance.py +++ b/ipaserver/install/opendnssecinstance.py @@ -212,24 +212,24 @@ class OpenDNSSECInstance(service.Service): for (root, dirs, files) in os.walk(paths.ETC_OPENDNSSEC_DIR): for directory in dirs: dir_path = os.path.join(root, directory) - os.chmod(dir_path, 0770) + os.chmod(dir_path, 0o770) # chown to root:ods os.chown(dir_path, 0, self.ods_gid) for filename in files: file_path = os.path.join(root, filename) - os.chmod(file_path, 0660) + os.chmod(file_path, 0o660) # chown to root:ods os.chown(file_path, 0, self.ods_gid) for (root, dirs, files) in os.walk(paths.VAR_OPENDNSSEC_DIR): for directory in dirs: dir_path = os.path.join(root, directory) - os.chmod(dir_path, 0770) + os.chmod(dir_path, 0o770) # chown to ods:ods os.chown(dir_path, self.ods_uid, self.ods_gid) for filename in files: file_path = os.path.join(root, filename) - os.chmod(file_path, 0660) + os.chmod(file_path, 0o660) # chown to ods:ods os.chown(file_path, self.ods_uid, self.ods_gid) @@ -250,11 +250,11 @@ class OpenDNSSECInstance(service.Service): for (root, dirs, files) in os.walk(paths.DNSSEC_TOKENS_DIR): for directory in dirs: dir_path = os.path.join(root, directory) - os.chmod(dir_path, 0770 | stat.S_ISGID) + os.chmod(dir_path, 0o770 | stat.S_ISGID) os.chown(dir_path, self.ods_uid, self.named_gid) # chown to ods:named for filename in files: file_path = os.path.join(root, filename) - os.chmod(file_path, 0770 | stat.S_ISGID) + os.chmod(file_path, 0o770 | stat.S_ISGID) os.chown(file_path, self.ods_uid, self.named_gid) # chown to ods:named finally: @@ -276,7 +276,7 @@ class OpenDNSSECInstance(service.Service): # privileges shutil.copy(self.kasp_db_file, paths.OPENDNSSEC_KASP_DB) os.chown(paths.OPENDNSSEC_KASP_DB, self.ods_uid, self.ods_gid) - os.chmod(paths.OPENDNSSEC_KASP_DB, 0660) + os.chmod(paths.OPENDNSSEC_KASP_DB, 0o660) # regenerate zonelist.xml ods_enforcerd = services.knownservices.ods_enforcerd @@ -287,7 +287,7 @@ class OpenDNSSECInstance(service.Service): zonelistf.write(stdout) os.chown(paths.OPENDNSSEC_ZONELIST_FILE, self.ods_uid, self.ods_gid) - os.chmod(paths.OPENDNSSEC_ZONELIST_FILE, 0660) + os.chmod(paths.OPENDNSSEC_ZONELIST_FILE, 0o660) else: # initialize new kasp.db diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index b9bf3f34b..015050aa7 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -580,7 +580,7 @@ def install_check(installer): fd.close() # Must be readable for everyone - os.chmod(target_fname, 0644) + os.chmod(target_fname, 0o644) system_hostname = get_fqdn() if host_name != system_hostname: @@ -770,7 +770,7 @@ def install(installer): else: # Put the CA cert where other instances expect it x509.write_certificate(http_ca_cert, CACERT) - os.chmod(CACERT, 0444) + os.chmod(CACERT, 0o444) # we now need to enable ssl on the ds ds.enable_ssl() @@ -821,7 +821,7 @@ def install(installer): # Export full CA chain ca_db = certs.CertDB(realm_name) - os.chmod(CACERT, 0644) + os.chmod(CACERT, 0o644) ca_db.publish_ca_cert(CACERT) set_subject_in_config(realm_name, dm_password, diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 1ad291a1e..a0ae53438 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -105,7 +105,7 @@ def install_ca_cert(ldap, base_dn, realm, cafile): certs = [c[0] for c in certs if c[2] is not False] x509.write_certificate_list(certs, constants.CACERT) - os.chmod(constants.CACERT, 0444) + os.chmod(constants.CACERT, 0o444) except Exception, e: print "error copying files: " + str(e) sys.exit(1) @@ -358,7 +358,7 @@ def install_check(installer): # Create the management framework config file # Note: We must do this before bootstraping and finalizing ipalib.api - old_umask = os.umask(022) # must be readable for httpd + old_umask = os.umask(0o22) # must be readable for httpd try: fd = open(paths.IPA_DEFAULT_CONF, "w") fd.write("[global]\n") diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py index f295655dc..a342642b0 100644 --- a/ipaserver/install/server/upgrade.py +++ b/ipaserver/install/server/upgrade.py @@ -175,7 +175,7 @@ def check_certs(): if not os.path.exists(paths.CA_CRT): ca_file = paths.ALIAS_CACERT_ASC if os.path.exists(ca_file): - old_umask = os.umask(022) # make sure its readable by httpd + old_umask = os.umask(0o22) # make sure its readable by httpd try: shutil.copyfile(ca_file, paths.CA_CRT) finally: |