Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/install/cainstance.py10
-rw-r--r--ipaserver/install/plugins/update_ca_topology.py34
2 files changed, 44 insertions, 0 deletions
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index b89226980..c07421371 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -63,6 +63,7 @@ from ipapython.ipa_log_manager import log_mgr,\
from ipaserver.install import certs
from ipaserver.install import dsinstance
from ipaserver.install import installutils
+from ipaserver.install import ldapupdate
from ipaserver.install import service
from ipaserver.install.dogtaginstance import (
DEFAULT_DSPORT, PKI_USER, export_kra_agent_pem, DogtagInstance)
@@ -806,6 +807,15 @@ class CAInstance(DogtagInstance):
except Exception as e:
root_logger.warning("Failed to backup CS.cfg: %s", e)
+ def __update_topology(self):
+ ld = ldapupdate.LDAPUpdate(ldapi=True, sub_dict={
+ 'SUFFIX': api.env.basedn,
+ 'FQDN': self.fqdn,
+ })
+ rv = ld.update([paths.CA_TOPOLOGY_ULDIF])
+ if not rv:
+ raise RuntimeError("Failed to update CA topology configuration")
+
def __disable_nonce(self):
# Turn off Nonces
update_result = installutils.update_file(
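Review bot: In `__update_topology`, `if not rv: raise RuntimeError(...)` assumes `ld.update()` returns a success flag; if `LDAPUpdate.update()` instead reports whether any entry was modified (worth confirming in ldapupdate.py), running it against a directory that already holds the topology entries would raise although nothing failed. The same test is used in `update_ca_topology.execute` in the new plugin file, where it would log a spurious error on every later upgrade. Also, the 10 additions the diffstat lists for cainstance.py are exactly the import and this method, so nothing in this file calls the name-mangled `__update_topology` yet; it should be wired into the install sequence in this commit, or the commit message should say where that happens. The `CAInstance` class body starts and continues outside the hunk.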
diff --git a/ipaserver/install/plugins/update_ca_topology.py b/ipaserver/install/plugins/update_ca_topology.py
new file mode 100644
index 000000000..ce4b5bc9a
--- /dev/null
+++ b/ipaserver/install/plugins/update_ca_topology.py
@@ -0,0 +1,34 @@
+#
+# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
+#
+
+from ipalib import api
+from ipalib import Updater
+from ipaserver.install import certs, cainstance
+from ipaserver.install import ldapupdate
+from ipaplatform.paths import paths
+
+
+class update_ca_topology(Updater):
+ """
+ Updates CA topology configuration entries
+ """
+
+ def execute(self, **options):
+
+ ca = cainstance.CAInstance(self.api.env.realm, certs.NSS_DIR)
+ if not ca.is_configured():
+ self.log.debug("CA is not configured on this host")
+ return False, []
+
+ ld = ldapupdate.LDAPUpdate(ldapi=True, sub_dict={
+ 'SUFFIX': self.api.env.basedn,
+ 'FQDN': self.api.env.host,
+ })
+ rv = ld.update([paths.CA_TOPOLOGY_ULDIF])
+ if not rv:
+ self.log.error("Failed to update CA topology configuration")
+
+ return False, []
+
+api.register(update_ca_topology)
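Review bot: When `ld.update()` returns a falsy value, `execute` only calls `self.log.error(...)` and then falls through to the same `return False, []` used for the success and CA-not-configured paths, so as far as this file shows the caller cannot tell that the CA topology entries may be missing. If that is deliberate best effort, say so with a comment above the branch such as `# best effort: a failed topology update must not abort the upgrade`; otherwise raise, as `CAInstance.__update_topology` does. `execute` also lacks a docstring explaining what the two elements of the returned tuple mean to the updater framework.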