YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Fix/update migration script, handle applying the new migration during restore

Browse source
This commit is contained in:
Alexandre Aubin 2021-04-16 22:01:22 +02:00
parent eadca492f8
commit 4a0b343e5e
2 changed files with 10 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
src/yunohost/data_migrations/0019_extend_permissions_features.py
View file

@ -91,7 +91,7 @@ class MyMigration(Migration):
# Update LDAP database
self.add_new_ldap_attributes()
def run_before_system_restore(self, app_id):
def run_before_app_restore(self, app_id):
from yunohost.app import app_setting
from yunohost.utils.legacy import migrate_legacy_permission_settings
@ -109,56 +109,3 @@ class MyMigration(Migration):
for setting in legacy_permission_settings
):
migrate_legacy_permission_settings(app=app_id)
def run(self):
# FIXME : what do we really want to do here ...
# Imho we should just force-regen the conf in all case, and maybe
# just display a warning if we detect that the conf was manually modified
# Backup LDAP and the apps settings before to do the migration
logger.info(m18n.n("migration_0019_backup_before_migration"))
try:
backup_folder = "/home/yunohost.backup/premigration/" + time.strftime(
"%Y%m%d-%H%M%S", time.gmtime()
)
os.makedirs(backup_folder, 0o750)
os.system("systemctl stop slapd")
os.system("cp -r --preserve /etc/ldap %s/ldap_config" % backup_folder)
os.system("cp -r --preserve /var/lib/ldap %s/ldap_db" % backup_folder)
os.system(
"cp -r --preserve /etc/yunohost/apps %s/apps_settings" % backup_folder
)
except Exception as e:
raise YunohostError(
"migration_0019_can_not_backup_before_migration", error=e
)
finally:
os.system("systemctl start slapd")
try:
# Update LDAP database
self.add_new_ldap_attributes()
# Migrate old settings
migrate_legacy_permission_settings()
except Exception:
logger.warn(m18n.n("migration_0019_migration_failed_trying_to_rollback"))
os.system("systemctl stop slapd")
os.system(
"rm -r /etc/ldap/slapd.d"
) # To be sure that we don't keep some part of the old config
os.system("cp -r --preserve %s/ldap_config/. /etc/ldap/" % backup_folder)
os.system("cp -r --preserve %s/ldap_db/. /var/lib/ldap/" % backup_folder)
os.system(
"cp -r --preserve %s/apps_settings/. /etc/yunohost/apps/"
% backup_folder
)
os.system("systemctl start slapd")
os.system("rm -r " + backup_folder)
logger.info(m18n.n("migration_0019_rollback_success"))
raise
else:
os.system("rm -r " + backup_folder)

11
src/yunohost/data_migrations/0020_ssh_sftp_permissions.py
View file

@ -19,6 +19,7 @@ class MyMigration(Migration):
Add new permissions around SSH/SFTP features
"""
introduced_in_version = "4.2.2"
dependencies = ["extend_permissions_features"]
@Migration.ldap_migration
@ -37,14 +38,20 @@ class MyMigration(Migration):
users = ldap.search('ou=users,dc=yunohost,dc=org', filter="(loginShell=*)", attrs=["dn", "uid", "loginShell"])
for user in users:
if user['loginShell'][0] == '/bin/false':
dn=user['dn'][0].replace(',dc=yunohost,dc=org', '')
dn = user['dn'][0].replace(',dc=yunohost,dc=org', '')
ldap.update(dn, {'loginShell': ['/bin/bash']})
else:
user_permission_update("ssh.main", add=user["uid"][0], sync_perm=False)
permission_sync_to_user()
# Somehow this is needed otherwise the PAM thing doesn't forget about the
# old loginShell value ?
subprocess.call(['nscd', '-i', 'passwd'])
def run_after_system_restore(self):
self.run()
def run_before_app_restore(self, app_id):
# Nothing to do during app backup restore for this migration
pass