added -c option to remove cached registry certs

diff --git a/sfa/plc/sfa-nuke-plc.py b/sfa/plc/sfa-nuke-plc.py
index 7ba6337..fb84020 100755 (executable)
--- a/sfa/plc/sfa-nuke-plc.py
+++ b/sfa/plc/sfa-nuke-plc.py
@@ -21,6 +21,8 @@ def main():
    parser = OptionParser(usage=usage)
    parser.add_option('-f','--file-system',dest='clean_fs',action='store_true',default=False,
                      help='Clean up the /var/lib/sfa/authorities area as well')
+   parser.add_option('-c','--certs',dest='clean_certs',action='store_true',default=False,
+                     help='Remove all cached certs/gids found in /var/lib/sfa/authorities area as well')
    (options,args)=parser.parse_args()
    if args:
       parser.print_help()
@@ -28,8 +30,23 @@ def main():
    logger.info("Purging SFA records from database")
    table = SfaTable()
    table.sfa_records_purge()
+
+   if options.clean_certs:
+      # remove the server certificate and all gids found in /var/lib/sfa/authorities
+      logger.info("Purging cached certificates")
+      for (dir, _, files) in os.walk('/var/lib/sfa/authorities'):
+         for file in files:
+            if file.endswith('.gid') or file == 'server.cert':
+               path=dir+os.sep+file
+               os.unlink(path)
+               if not os.path.exists(path):
+                  logger.info("Unlinked file %s"%path)
+               else:
+                  logger.error("Could not unlink file %s"%path)
+
    if options.clean_fs:
       # just remove all files that do not match 'server.key' or 'server.cert'
+      logger.info("Purging registry filesystem cache")
       preserved_files = [ 'server.key', 'server.cert']
       for (dir,_,files) in os.walk('/var/lib/sfa/authorities'):
          for file in files: