Import Upstream version 4.12.4

2025-08-12 22:28:56 +02:00
parent 03a8170b15
commit 9181ee2487
1629 changed files with 874094 additions and 554378 deletions
--- a/ipaserver/install/odsexporterinstance.py
+++ b/ipaserver/install/odsexporterinstance.py
@@ -6,8 +6,6 @@ from __future__ import absolute_import

 import logging
 import os
-import pwd
-import grp

 import ldap

@@ -33,8 +31,6 @@ class ODSExporterInstance(service.Service):
            keytab=paths.IPA_ODS_EXPORTER_KEYTAB,
            service_prefix=u'ipa-ods-exporter'
        )
-        self.ods_uid = None
-        self.ods_gid = None
        self.enable_if_exists = False

    suffix = ipautil.dn_attribute_property('_suffix')
@@ -51,8 +47,6 @@ class ODSExporterInstance(service.Service):
        except Exception:
            pass

-        # checking status step must be first
-        self.step("checking status", self.__check_dnssec_status)
        self.step("setting up DNS Key Exporter", self.__setup_key_exporter)
        self.step("setting up kerberos principal", self.__setup_principal)
        self.step("disabling default signer daemon", self.__disable_signerd)
@@ -60,17 +54,6 @@ class ODSExporterInstance(service.Service):
        self.step("configuring DNS Key Exporter to start on boot", self.__enable)
        self.start_creation()

-    def __check_dnssec_status(self):
-        try:
-            self.ods_uid = pwd.getpwnam(constants.ODS_USER).pw_uid
-        except KeyError:
-            raise RuntimeError("OpenDNSSEC UID not found")
-
-        try:
-            self.ods_gid = grp.getgrnam(constants.ODS_GROUP).gr_gid
-        except KeyError:
-            raise RuntimeError("OpenDNSSEC GID not found")
-
    def __enable(self):

        try:
@@ -86,7 +69,7 @@ class ODSExporterInstance(service.Service):
                                   quotes=False, separator='=')

    def __setup_principal(self):
-        assert self.ods_uid is not None
+        assert constants.ODS_GROUP.gid is not None

        for f in [paths.IPA_ODS_EXPORTER_CCACHE, self.keytab]:
            try:
@@ -110,7 +93,7 @@ class ODSExporterInstance(service.Service):

        # Make sure access is strictly reserved to the ods user
        os.chmod(self.keytab, 0o440)
-        os.chown(self.keytab, 0, self.ods_gid)
+        os.chown(self.keytab, 0, constants.ODS_GROUP.gid)

        dns_group = DN(('cn', 'DNS Servers'), ('cn', 'privileges'),
                       ('cn', 'pbac'), self.suffix)