[Freeipa-devel] [PATCH] 38 Move Managed Entries into their own container in the replicated space.
Martin Kosek
mkosek at redhat.com
Mon Jul 25 11:38:25 UTC 2011
On Fri, 2011-07-22 at 15:59 +0000, JR Aquino wrote:
> On Jul 22, 2011, at 6:54 AM, Martin Kosek wrote:
>
> > On Thu, 2011-07-21 at 23:00 +0000, JR Aquino wrote:
> >> Create: cn=Managed Entries,cn=etc,$SUFFIX
> >> Create: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
> >> Create: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
> >>
> >> Create method for migrating any and all custom Managed Entries from
> >> the cn=config space into the new container.
> >>
> >> The Managed Entries plugin configurations weren't being created on
> >> replica installs.
> >>
> >> This patch addresses two seperate tickets and accounts for
> >> new installs, replica installs, and upgrades.
> >>
> >> https://fedorahosted.org/freeipa/ticket/1181 - Managed Entry Tool / New Container <A separate patch will cover the management tool>
> >> https://fedorahosted.org/freeipa/ticket/1222 - Add Managed Entries during Replica installation <extended solution>
> >
> > I found few issues with the patch (tested along with 25):
> >
> > 1) When upgrading an old instance, NGP and UGP definitions in
> > cn=Managed Entries,cn=plugins,cn=config were not deleted. This lead to 2
> > managed entries plugin definitions
> >
> > 2) Managed entries on a replica didn't work for me. For example UPG was
> > created on a master, but was not on a replica
>
> Were you using 389 1.2.9? I believe the Requires should actually be present in /this/ patch instead of patch 25...
>
> 1.2.9 provides a means for directing the plugin to the NEW container in cn=etc, and after that is done, the old entries can be deleted by the code once they are no longer 'in use'.
I am, I checked this issue again today. The problem is in cn=Managed
Entries,cn=plugins,cn=config. nsslapd-pluginConfigArea is not set on a
replica.
Martin
More information about the Freeipa-devel
mailing list