[Freeipa-devel] [PATCH] 795 Remove root autobind search restriction, fix upgrade logging & error handling.
Martin Kosek
mkosek at redhat.com
Fri Jun 10 15:28:40 UTC 2011
On Thu, 2011-06-09 at 16:32 -0400, Rob Crittenden wrote:
> Rob Crittenden wrote:
> > There was no point in limiting autobind root to just search cn=config
> > since it could always just modify its way out of the box, so remove the
> > restriction.
> >
> > The upgrade log wasn't being created. Clearing all other loggers before
> > we calling logging.basicConfig() fixes this.
> >
> > Add a global exception when performing updates so we can gracefully
> > catch and log problems without leaving the server in a bad state.
> >
> > https://fedorahosted.org/freeipa/ticket/1243
> > https://fedorahosted.org/freeipa/ticket/1254
> >
> > rob
>
> This was leaving a bogus entry in systrestore.index and an empty value
> in dse.ldif. I updated the patch.
>
> rob
Autobind portion works fine. However, upgrade failure processing can be
improved:
1) When Exception is catched in IPAUpgrade, it is neither logged nor
printed out. This can make it difficult to debug.
2) User running `ipa-ldap-updater --upgrade` cannot tell if the upgrade
was wrong. Success status code is returned by the program and no info
that something has failed is given.
Martin
More information about the Freeipa-devel
mailing list