From f8f5bd644aee5c54acc857061868e659ae449e48 Mon Sep 17 00:00:00 2001
From: Martin Basti <mbasti@redhat.com>
Date: Thu, 10 Sep 2015 16:35:54 +0200
Subject: IPA Restore: allows to specify files that should be removed

Some files/directories should be removed before backup files are copied
to filesystem.

In case of DNSSEC, the /var/lib/ipa/dnssec/tokens directory has to be
removed, otherwise tokens that are backed up and existing tokens will be
mixed and SOFTHSM log in will not work

https://fedorahosted.org/freeipa/ticket/5293

Reviewed-By: David Kupka <dkupka@redhat.com>
---
 ipaserver/install/ipa_restore.py | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'ipaserver')

diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py
index e8820b99e..b7af88d99 100644
--- a/ipaserver/install/ipa_restore.py
+++ b/ipaserver/install/ipa_restore.py
@@ -128,6 +128,14 @@ class Restore(admintool.AdminTool):
 
     description = "Restore IPA files and databases."
 
+    # directories and files listed here will be removed from filesystem before
+    # files from backup are copied
+    DIRS_TO_BE_REMOVED = [
+        paths.DNSSEC_TOKENS_DIR,
+    ]
+
+    FILES_TO_BE_REMOVED = []
+
     def __init__(self, options, args):
         super(Restore, self).__init__(options, args)
         self._conn = None
@@ -365,6 +373,7 @@ class Restore(admintool.AdminTool):
 
             # We do either a full file restore or we restore data.
             if restore_type == 'FULL':
+                self.remove_old_files()
                 if 'CA' in self.backup_services:
                     create_ca_user()
                 self.cert_restore_prepare()
@@ -647,6 +656,25 @@ class Restore(admintool.AdminTool):
                               (paths.IPA_DEFAULT_CONF, stderr))
         os.chdir(cwd)
 
+    def remove_old_files(self):
+        """
+        Removes all directories, files or temporal files that should be
+        removed before backup files are copied, to prevent errors.
+        """
+        for d in self.DIRS_TO_BE_REMOVED:
+            try:
+                shutil.rmtree(d)
+            except OSError as e:
+                if e.errno != 2:  # 2: dir does not exist
+                    self.log.warning("Could not remove directory: %s (%s)",
+                                     d, e)
+
+        for f in self.FILES_TO_BE_REMOVED:
+            try:
+                os.remove(f)
+            except OSError as e:
+                if e.errno != 2:  # 2: file does not exist
+                    self.log.warning("Could not remove file: %s (%s)", f, e)
 
     def file_restore(self, nologs=False):
         '''
-- 
cgit