Import Upstream version 4.12.4

2025-08-12 22:28:56 +02:00
parent 03a8170b15
commit 9181ee2487
1629 changed files with 874094 additions and 554378 deletions
--- a/ipaserver/install/custodiainstance.py
+++ b/ipaserver/install/custodiainstance.py
@@ -14,14 +14,12 @@ from ipaserver.install.service import SimpleServiceInstance
 from ipapython import ipautil
 from ipapython import ipaldap
 from ipapython.certdb import NSSDatabase
-from ipaserver.install import ldapupdate
 from ipaserver.install import sysupgrade
 from base64 import b64decode
 from jwcrypto.common import json_decode
 import os
 import stat
 import time
-import pwd

 logger = logging.getLogger(__name__)

@@ -111,15 +109,14 @@ class CustodiaInstance(SimpleServiceInstance):
    def __config_file(self):
        template_file = os.path.basename(self.config_file) + '.template'
        template = os.path.join(paths.USR_SHARE_IPA_DIR, template_file)
-        httpd_info = pwd.getpwnam(constants.HTTPD_USER)
        sub_dict = dict(
            IPA_CUSTODIA_CONF_DIR=paths.IPA_CUSTODIA_CONF_DIR,
            IPA_CUSTODIA_KEYS=paths.IPA_CUSTODIA_KEYS,
            IPA_CUSTODIA_SOCKET=paths.IPA_CUSTODIA_SOCKET,
            IPA_CUSTODIA_AUDIT_LOG=paths.IPA_CUSTODIA_AUDIT_LOG,
            LDAP_URI=ipaldap.realm_to_ldapi_uri(self.realm),
-            UID=httpd_info.pw_uid,
-            GID=httpd_info.pw_gid
+            UID=constants.HTTPD_USER.uid,
+            GID=constants.HTTPD_USER.pgid
        )
        conf = ipautil.template_file(template, sub_dict)
        with open(self.config_file, "w") as f:
@@ -150,6 +147,7 @@ class CustodiaInstance(SimpleServiceInstance):
        })
        keystore.remove_server_keys_file()
        ipautil.remove_file(self.config_file)
+        ipautil.remove_file(paths.IPA_CUSTODIA_SOCKET)
        sysupgrade.set_upgrade_state('custodia', 'installed', False)

    def __gen_keys(self):
@@ -190,13 +188,7 @@ class CustodiaInstance(SimpleServiceInstance):
        """
        Runs the custodia update file to ensure custodia container is present.
        """
-
-        sub_dict = {
-            'SUFFIX': self.suffix,
-        }
-
-        updater = ldapupdate.LDAPUpdate(sub_dict=sub_dict)
-        updater.update([os.path.join(paths.UPDATES_DIR, '73-custodia.update')])
+        self._ldap_update(['73-custodia.update'])

    def import_ra_key(self):
        cli = self._get_custodia_client()
@@ -312,9 +304,3 @@ class CustodiaInstance(SimpleServiceInstance):
        data = {'prefix': 'ca',
                'list': certlist}
        self._get_keys(cacerts_file, cacerts_pwd, data)
-
-    def __start(self):
-        super(CustodiaInstance, self).__start()
-
-    def __enable(self):
-        super(CustodiaInstance, self).__enable()