[Pki-devel] [PATCH] 567 Added upgrade script to fix instance work folder ownership.

Wed Apr 8 21:25:04 UTC 2015

The <instance>/work/Catalina/localhost/pki folder is owned by
root in Dogtag 10.0.x and pkiuser in the latest code. The script
will fix the ownership during upgrade.

https://fedorahosted.org/pki/ticket/802

-- 
Endi S. Dewata
-------------- next part --------------
From 46beb1708f4bd47d645162c1631f1c2895ad2de0 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata at redhat.com>
Date: Wed, 8 Apr 2015 16:28:29 -0400
Subject: [PATCH] Added upgrade script to fix instance work folder ownership.

The <instance>/work/Catalina/localhost/pki folder is owned by
root in Dogtag 10.0.x and pkiuser in the latest code. The script
will fix the ownership during upgrade.

https://fedorahosted.org/pki/ticket/802
---
 base/common/upgrade/10.2.3/.gitignore              |  4 ++
 .../10.2.3/01-FixInstanceWorkFolderOwnership       | 54 ++++++++++++++++++++++
 2 files changed, 58 insertions(+)
 create mode 100644 base/common/upgrade/10.2.3/.gitignore
 create mode 100755 base/server/upgrade/10.2.3/01-FixInstanceWorkFolderOwnership

diff --git a/base/common/upgrade/10.2.3/.gitignore b/base/common/upgrade/10.2.3/.gitignore
new file mode 100644
index 0000000000000000000000000000000000000000..5e7d2734cfc60289debf74293817c0a8f572ff32
--- /dev/null
+++ b/base/common/upgrade/10.2.3/.gitignore
@@ -0,0 +1,4 @@
+# Ignore everything in this directory
+*
+# Except this file
+!.gitignore
diff --git a/base/server/upgrade/10.2.3/01-FixInstanceWorkFolderOwnership b/base/server/upgrade/10.2.3/01-FixInstanceWorkFolderOwnership
new file mode 100755
index 0000000000000000000000000000000000000000..8d50a6ed1438940a380f7ee23250b960ad7c32f3
--- /dev/null
+++ b/base/server/upgrade/10.2.3/01-FixInstanceWorkFolderOwnership
@@ -0,0 +1,54 @@
+#!/usr/bin/python
+# Authors:
+#     Ade Lee <alee at redhat.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2015 Red Hat, Inc.
+# All rights reserved.
+#
+
+import grp
+import os
+import pwd
+import re
+import pki.server.upgrade
+
+
+class FixInstanceWorkFolderOwnership(pki.server.upgrade.PKIServerUpgradeScriptlet):
+
+    def __init__(self):
+        self.message = 'Fix instance work folder ownership'
+
+    def upgrade_instance(self, instance):
+        registry_file = os.path.join(
+            pki.server.REGISTRY_DIR, 'tomcat', instance.name, instance.name)
+
+        with open(registry_file, "r") as registry:
+            lines = registry.readlines()
+
+        for line in lines:
+            m = re.search('^PKI_USER=(.*)$', line)
+            if m:
+                user = m.group(1)
+            m = re.search('^PKI_GROUP=(.*)$', line)
+            if m:
+                group = m.group(1)
+
+        uid = pwd.getpwnam(user).pw_uid
+        gid = grp.getgrnam(group).gr_gid
+
+        dir = os.path.join(instance.base_dir, 'work/Catalina/localhost/pki')
+
+        pki.util.chown(dir, uid, gid)
-- 
1.9.3

