[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Pki-devel] [PATCH] 0038..0041 fix upgrade issues



The attached patches fix a number of issues upgrading from 10.2.3-2
to 10.2.4-2, the most severe of which is that pki-tomcatd cannot
start after upgrade due to reference to removed class
NuxwdogPasswordStoreInitializer.  These issues are blocking FreeIPA
4.2 alpha.  (There might be more issues to discover, but these fixes
are all I have in me tonight.)

Depending on when we were planning to cut 10.2.5, it might be
worthwhile doing a 10.2.4-3 - but I leave it to more experienced
folk to make that call.

Thanks,
Fraser
From c37dafebc974324656c22857b4aba23172e47ae8 Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <frase frase id au>
Date: Mon, 15 Jun 2015 10:47:57 -0400
Subject: [PATCH 38/41] Invoke PKIInstance.load() during upgrade

Some upgrade servlets use attributes loaded when PKIInstance.load()
is invoked, but it may not have been; breakage ensues.  Invoke it
before executing upgrade scriptlets.
---
 base/server/python/pki/server/upgrade.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/base/server/python/pki/server/upgrade.py b/base/server/python/pki/server/upgrade.py
index db3d968aa85e977838ebd8a13be798dc373ab172..a105dd15c348ac79085c0982b201baaae74e2c20 100644
--- a/base/server/python/pki/server/upgrade.py
+++ b/base/server/python/pki/server/upgrade.py
@@ -195,6 +195,7 @@ class PKIServerUpgrader(pki.upgrade.PKIUpgrader):
                             self.instanceName == instanceName:
                         instance = pki.server.PKIInstance(instanceName)
                         instance.validate()
+                        instance.load()
                         instance_list.append(instance)
 
         if not self.instanceType or self.instanceType == 9:
-- 
2.1.0

From dc1a90097ff2a0099495d0266b3e6be82d55ae6c Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <frase frase id au>
Date: Mon, 15 Jun 2015 11:22:17 -0400
Subject: [PATCH 39/41] Upgrade: check file exists before chowning

Dogtag entered a state where an upgrade script failed before it was
trying to chown a file that didn't exist.  Add a check that the file
exists.
---
 base/server/upgrade/10.2.3/01-FixInstanceWorkFolderOwnership | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/base/server/upgrade/10.2.3/01-FixInstanceWorkFolderOwnership b/base/server/upgrade/10.2.3/01-FixInstanceWorkFolderOwnership
index 700aaf3ce682682148ed444337b25eaac2482b0b..686853c29aaedb0ba7e70bcb880df7037d54a324 100755
--- a/base/server/upgrade/10.2.3/01-FixInstanceWorkFolderOwnership
+++ b/base/server/upgrade/10.2.3/01-FixInstanceWorkFolderOwnership
@@ -31,4 +31,5 @@ class FixInstanceWorkFolderOwnership(pki.server.upgrade.PKIServerUpgradeScriptle
     def upgrade_instance(self, instance):
 
         dir = os.path.join(instance.base_dir, 'work/Catalina/localhost/pki')
-        pki.util.chown(dir, instance.uid, instance.gid)
+        if os.path.exists(dir):
+            pki.util.chown(dir, instance.uid, instance.gid)
-- 
2.1.0

From 2000bf04983fb74b3b7ee275129e908508d2d3fd Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <frase frase id au>
Date: Mon, 15 Jun 2015 11:25:10 -0400
Subject: [PATCH 40/41] Upgrade: add scriptlet to fix nuxwdog listener class

---
 .../upgrade/10.2.4/02-FixNuxwdogListenerClass      | 36 ++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100755 base/server/upgrade/10.2.4/02-FixNuxwdogListenerClass

diff --git a/base/server/upgrade/10.2.4/02-FixNuxwdogListenerClass b/base/server/upgrade/10.2.4/02-FixNuxwdogListenerClass
new file mode 100755
index 0000000000000000000000000000000000000000..22096e93533fe91e63435db85980c657d998a888
--- /dev/null
+++ b/base/server/upgrade/10.2.4/02-FixNuxwdogListenerClass
@@ -0,0 +1,36 @@
+#!/usr/bin/python
+# Authors:
+#     Fraser Tweedale <ftweedal redhat com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2015 Red Hat, Inc.
+# All rights reserved.
+#
+
+import os
+import subprocess
+
+import pki.server.upgrade
+
+
+class FixNuxwdogListenerClass(pki.server.upgrade.PKIServerUpgradeScriptlet):
+    def __init__(self):
+        self.message = 'Fix nuxwdog listener class'
+
+    def upgrade_instance(self, instance):
+        subprocess.check_call([
+            'sed', '-i', 's/NuxwdogPasswordStoreInitializer/PKIListener/',
+            '/etc/pki/{0}/server.xml'.format(instance.name)
+        ])
-- 
2.1.0

From 842917299f61ff7c39eb5707553d451f45a7423c Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <frase frase id au>
Date: Mon, 15 Jun 2015 12:52:19 -0400
Subject: [PATCH 41/41] Update: fix CS.cfg permissions

The 10.2.3/02-FixBindPWPrompt upgrade scriptlet leaves CS.cfg owned
by root.  chown CS.cfg to the instance owner.
---
 base/server/upgrade/10.2.3/02-FixBindPWPrompt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/base/server/upgrade/10.2.3/02-FixBindPWPrompt b/base/server/upgrade/10.2.3/02-FixBindPWPrompt
index 7b99afd6f3ca0d40fcb656b8a9ea0cc47e365c61..e433c125df8cd4504888ba17957b8245c4b23124 100755
--- a/base/server/upgrade/10.2.3/02-FixBindPWPrompt
+++ b/base/server/upgrade/10.2.3/02-FixBindPWPrompt
@@ -47,3 +47,4 @@ class FixBindPWPrompt(pki.server.upgrade.PKIServerUpgradeScriptlet):
                           line)
             sys.stdout.write(line)
 
+        os.chown(cs_cfg, instance.uid, instance.gid)
-- 
2.1.0


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]