From 8e5d2c7014ff6371a3b306e666c301aea1f7a488 Mon Sep 17 00:00:00 2001 From: Jan Cholasta Date: Nov 29 2016 13:50:51 +0000 Subject: custodiainstance: automatic restart on config file update Automatically restart Custodia during IPA server upgrade if custodia.conf was updated. Use the new store class name in custodia.conf.template. https://fedorahosted.org/freeipa/ticket/6474 Reviewed-By: Stanislav Laznicka --- diff --git a/install/share/custodia.conf.template b/install/share/custodia.conf.template index d9de4d7..94740c0 100644 --- a/install/share/custodia.conf.template +++ b/install/share/custodia.conf.template @@ -19,7 +19,7 @@ store = ipa server_keys = $IPA_CUSTODIA_CONF_DIR/server.keys [store:ipa] -handler = ipapython.secrets.store.iSecStore +handler = ipapython.secrets.store.IPASecStore ldap_uri = $LDAP_URI [/keys] diff --git a/ipaserver/install/custodiainstance.py b/ipaserver/install/custodiainstance.py index 50efab4..b0c952d 100644 --- a/ipaserver/install/custodiainstance.py +++ b/ipaserver/install/custodiainstance.py @@ -73,6 +73,14 @@ class CustodiaInstance(SimpleServiceInstance): if not sysupgrade.get_upgrade_state("custodia", "installed"): root_logger.info("Custodia service is being configured") self.create_instance() + else: + old_config = open(self.config_file).read() + self.__config_file() + new_config = open(self.config_file).read() + if new_config != old_config: + root_logger.info("Restarting Custodia") + self.restart() + mode = os.stat(self.server_keys).st_mode if stat.S_IMODE(mode) != 0o600: root_logger.info("Secure server.keys mode")