Description: Fix ODS setup with 2.0.x
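--- a/install/share/opendnssec_conf.template
+++ b/install/share/opendnssec_conf.template
@@ -8,7 +8,7 @@
 <Module>$SOFTHSM_LIB</Module>
 <TokenLabel>$TOKEN_LABEL</TokenLabel>
 <PIN>$PIN</PIN>
- <AllowExtraction/>
+ <AllowExtraction/>
 </Repository>
 
 </RepositoryList>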
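--- a/ipaserver/install/opendnssecinstance.py
+++ b/ipaserver/install/opendnssecinstance.py
@@ -282,20 +282,15 @@ class OpenDNSSECInstance(service.Service
 os.chmod(paths.OPENDNSSEC_KASP_DB, 0o660)
 
 # regenerate zonelist.xml
- cmd = [paths.ODS_KSMUTIL, 'zonelist', 'export']
+ cmd = [paths.ODS_ENFORCER, 'zonelist', 'export']
 result = ipautil.run(cmd,
 runas=constants.ODS_USER,
 capture_output=True)
- with open(paths.OPENDNSSEC_ZONELIST_FILE, 'w') as zonelistf:
- zonelistf.write(result.output)
- os.chown(paths.OPENDNSSEC_ZONELIST_FILE,
- self.ods_uid, self.ods_gid)
- os.chmod(paths.OPENDNSSEC_ZONELIST_FILE, 0o660)
 
 else:
 # initialize new kasp.db
 command = [
- paths.ODS_KSMUTIL,
+ paths.ODS_ENFORCER_SETUP,
 'setup'
 ]
 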
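Review bot: With the explicit write, `os.chown` and `os.chmod(paths.OPENDNSSEC_ZONELIST_FILE, 0o660)` removed, nothing in this hunk sets the owner or mode of zonelist.xml any more; they are now whatever `ods-enforcer zonelist export` leaves behind when run as `constants.ODS_USER`, presumably governed by that user's umask. If the 0o660 mode matters to the daemons that read the file, keep `os.chmod(paths.OPENDNSSEC_ZONELIST_FILE, 0o660)` after the run, or add a comment such as `# ods-enforcer 2.x writes zonelist.xml itself; owner/mode come from ODS_USER` so the dependency is visible. `result` is still bound with `capture_output=True` but is not used in the visible lines. The enclosing method starts and ends outside the hunk.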
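--- a/ipaplatform/base/paths.py
+++ b/ipaplatform/base/paths.py
@@ -167,7 +167,8 @@ class BasePathNamespace(object):
 NET = "/usr/bin/net"
 BIN_NISDOMAINNAME = "/usr/bin/nisdomainname"
 NSUPDATE = "/usr/bin/nsupdate"
- ODS_KSMUTIL = "/usr/bin/ods-ksmutil"
+ ODS_ENFORCER = "/usr/sbin/ods-enforcer"
+ ODS_ENFORCER_SETUP = "/usr/sbin/ods-enforcer-db-setup"
 ODS_SIGNER = "/usr/sbin/ods-signer"
 OPENSSL = "/usr/bin/openssl"
 PK12UTIL = "/usr/bin/pk12util"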
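Review bot: `ODS_KSMUTIL` is dropped from `BasePathNamespace` rather than kept alongside the new names, so any module or platform override not touched by this patch that still reads `paths.ODS_KSMUTIL` would fail with AttributeError at call time; it is worth searching the tree for remaining uses before merging. A short comment above the two new constants, e.g. `# OpenDNSSEC 2.x: ods-enforcer replaces ods-ksmutil`, would record why the binaries changed and that the /usr/sbin locations are assumed. The class body continues outside the hunk.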
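--- a/ipaserver/dnssec/odsmgr.py
+++ b/ipaserver/dnssec/odsmgr.py
@@ -12,6 +12,7 @@ except ImportError:
 from xml.etree import ElementTree as etree
 
 from ipapython import ipa_log_manager, ipautil
+from ipaplatform.paths import paths
 
 logger = logging.getLogger(__name__)
 
@@ -131,17 +132,18 @@ class ODSMgr(object):
 self.zl_ldap = LDAPZoneListReader()
 
 def ksmutil(self, params):
- """Call ods-ksmutil with given parameters and return stdout.
+ """Call ods-enforcer with given parameters and return stdout.
 
 Raises CalledProcessError if returncode != 0.
 """
- cmd = ['ods-ksmutil'] + params
+ cmd = [paths.ODS_ENFORCER] + params
 result = ipautil.run(cmd, capture_output=True)
 return result.output
 
 def get_ods_zonelist(self):
 stdout = self.ksmutil(['zonelist', 'export'])
- reader = ODSZoneListReader(stdout)
+ with open(paths.OPENDNSSEC_ZONELIST_FILE) as f:
+ reader = ODSZoneListReader(f.read())
 return reader
 
 def add_ods_zone(self, uuid, name):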
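Review bot: In `get_ods_zonelist` the value bound to `stdout` is no longer used, and the zone list is now whatever is in `paths.OPENDNSSEC_ZONELIST_FILE` on disk, so if the export wrote to a different location a stale file is parsed, or a missing one raises an unhandled error from `open`. Call the export for its side effect only, `self.ksmutil(['zonelist', 'export'])`, and add a comment like `# ods-enforcer 2.x exports to the zonelist file instead of stdout`. Because the content now comes from a file rather than from the child's stdout, the XML handed to `ODSZoneListReader` is only as trustworthy as that file's ownership and mode, which the installer hunk in opendnssecinstance.py no longer sets explicitly. The method name `ksmutil` also no longer matches the binary it runs; the docstring was updated, and a one-line comment saying the name is kept for existing callers would avoid confusion.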