Description: Fix ODS setup with 2.0.x
--- a/install/share/opendnssec_conf.template
+++ b/install/share/opendnssec_conf.template
@@ -8,7 +8,7 @@ $SOFTHSM_LIB $TOKEN_LABEL $PIN - +
--- a/ipaserver/install/opendnssecinstance.py
+++ b/ipaserver/install/opendnssecinstance.py
@@ -284,20 +284,15 @@ class OpenDNSSECInstance(service.Service
 os.chmod(paths.OPENDNSSEC_KASP_DB, 0o660) # regenerate zonelist.xml
- cmd = [paths.ODS_KSMUTIL, 'zonelist', 'export']
+ cmd = [paths.ODS_ENFORCER, 'zonelist', 'export']
 result = ipautil.run(cmd, runas=constants.ODS_USER, capture_output=True)
- with open(paths.OPENDNSSEC_ZONELIST_FILE, 'w') as zonelistf:
- zonelistf.write(result.output)
- os.chown(paths.OPENDNSSEC_ZONELIST_FILE,
- self.ods_uid, self.ods_gid)
- os.chmod(paths.OPENDNSSEC_ZONELIST_FILE, 0o660)
 else: # initialize new kasp.db
 command = [
- paths.ODS_KSMUTIL,
+ paths.ODS_ENFORCER_SETUP,
 'setup' ]
--- a/ipaplatform/base/paths.py
+++ b/ipaplatform/base/paths.py
@@ -183,7 +183,8 @@ class BasePathNamespace(object):
 NET = "/usr/bin/net"
 BIN_NISDOMAINNAME = "/usr/bin/nisdomainname"
 NSUPDATE = "/usr/bin/nsupdate"
- ODS_KSMUTIL = "/usr/bin/ods-ksmutil"
+ ODS_ENFORCER = "/usr/sbin/ods-enforcer"
+ ODS_ENFORCER_SETUP = "/usr/sbin/ods-enforcer-db-setup"
 ODS_SIGNER = "/usr/sbin/ods-signer"
 OPENSSL = "/usr/bin/openssl"
 PK12UTIL = "/usr/bin/pk12util"
--- a/ipaserver/dnssec/odsmgr.py
+++ b/ipaserver/dnssec/odsmgr.py
@@ -11,6 +11,7 @@ except ImportError: from xml.etree import ElementTree as etree
 from ipapython import ipa_log_manager, ipautil
+from ipaplatform.paths import paths
 logger = logging.getLogger(__name__)
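Review bot: In the `zonelist export` branch of opendnssecinstance.py, the explicit `os.chown(paths.OPENDNSSEC_ZONELIST_FILE, self.ods_uid, self.ods_gid)` and `os.chmod(paths.OPENDNSSEC_ZONELIST_FILE, 0o660)` are removed together with the write, so the installer no longer pins the owner and mode of zonelist.xml. They now depend on whatever `ods-enforcer` creates when run as `constants.ODS_USER` (presumably it writes the file itself; the hunk does not show that). I would keep those two calls after the `ipautil.run(...)`, or add a comment stating why the resulting permissions are acceptable. `result` is also unused now, so the assignment and `capture_output=True` can be dropped. The enclosing method starts and ends outside this hunk.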
@@ -130,17 +131,18 @@ class ODSMgr(object):
 self.zl_ldap = LDAPZoneListReader()
 def ksmutil(self, params):
- """Call ods-ksmutil with given parameters and return stdout.
+ """Call ods-enforcer with given parameters and return stdout.
 Raises CalledProcessError if returncode != 0. """
- cmd = ['ods-ksmutil'] + params
+ cmd = [paths.ODS_ENFORCER] + params
 result = ipautil.run(cmd, capture_output=True)
 return result.output
 def get_ods_zonelist(self):
 stdout = self.ksmutil(['zonelist', 'export'])
- reader = ODSZoneListReader(stdout)
+ with open(paths.OPENDNSSEC_ZONELIST_FILE) as f:
+ reader = ODSZoneListReader(f.read())
 return reader
 def add_ods_zone(self, uuid, name):
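Review bot: `get_ods_zonelist` still assigns `stdout` but never uses it, and the zone list is now parsed from `paths.OPENDNSSEC_ZONELIST_FILE` rather than from the command output, which is only correct if the export rewrote exactly that path. If the enforcer is configured with a different zonelist location, the method would parse a stale file without any error, because `ksmutil` raises only on a non-zero exit. I would call `self.ksmutil(['zonelist', 'export'])` without the assignment and add a comment such as `# export rewrites OPENDNSSEC_ZONELIST_FILE; its stdout is not the zone list`, to be confirmed against ods-enforcer 2.0 behaviour. The method name `ksmutil` no longer matches the tool it runs, so a short docstring note on the legacy name would help readers.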