[Fedora-directory-devel] Please Review: (486402) setup-ds.pl + register-ds-admin.pl generates different aci's then setup-ds-admin.pl
Nathan Kinder
nkinder at redhat.com
Fri Feb 27 17:05:26 UTC 2009
https://bugzilla.redhat.com/show_bug.cgi?id=486402
Resolves: bug 486402
Bug Description: Using setup-ds.pl and then registering the instance with
an admin server using register-ds-admin.pl does not add the proper ACI's
to allow admin to manage the instance.
Reviewed by: ???
Files: see diff
Branch: HEAD
Fix Description: Add the appropriate aci's when running
register-ds-admin.pl.
There were a few other issues to deal with in addition to the missing ACIs.
The PTA plug-in was not being configured since the LDIF template that
was used
was an entire new PTA plug-in entry, which never gets added since it
already
exists. I changed this to a LDIF mod template. We also only want to
configure
PTA if it is not already configured, or if we are switching the config DS.
This will prevent overwriting any custom tweaks to the PTA plug-in, such as
using LDAPS to communicate with the config DS.
I found another issue during testing with the ldapStart parameter in
adm.conf
getting set incorrectly after running register-ds-admin.pl. This
parameter is
supposed to point to the start-slapd script of the config DS, but
register-ds-admin.pl was always changing this to the last instance that it
registered (which will never be the config DS if you have more than one
instance). We need to ensure that the slapd info in the inf is the
config DS
before updating the Admin Server config files.
Platforms tested: F9
Flag Day: no
Doc impact: no
https://bugzilla.redhat.com/attachment.cgi?id=333508&action=diff
https://bugzilla.redhat.com/attachment.cgi?id=333503
More information about the Fedora-directory-devel
mailing list