[Freeipa-devel] [PATCH] 28 Move Managed Entries into their own container
Rob Crittenden
rcritten at redhat.com
Tue May 24 15:17:17 UTC 2011
JR Aquino wrote:
> On May 23, 2011, at 2:42 PM, "Rob Crittenden"<rcritten at redhat.com> wrote:
>
>> JR Aquino wrote:
>>> On May 19, 2011, at 6:16 AM, Rob Crittenden wrote:
>>>
>>>> JR Aquino wrote:
>>>>> On May 18, 2011, at 2:52 PM, Rob Crittenden wrote:
>>>>>
>>>>>> JR Aquino wrote:
>>>>>>> On May 18, 2011, at 12:46 PM, JR Aquino wrote:
>>>>>>>
>>>>>>>> This effects Ticket 1222 and Rob's patch 786
>>>>>>>
>>>>>>> Per IRC Conversation with Simo and Rob, take the path of least change.
>>>>>>>
>>>>>>> The patch has been modified to correct the CN to match the DN rather than changing both.
>>>>>>
>>>>>> This looks good. I'm going to wait to push it at the same time as 786.
>>>>>
>>>>> Simo mentioned that I need to create the .update in the patch so that we remove the previous typo laden entry during updates.
>>>>
>>>> I added that to my patch.
>>>>
>>>> rob
>>>
>>> NACK both 28 and 786.
>>>
>>> Please see attached, and have a look at this new patch and ticket 1182 for a better understanding of the impact they have on these patches.
>>>
>>> Move Managed Entries into their own container in the
>>> replicated space. Create: cn=Managed Entries,cn=etc,$SUFFIX
>>> Create: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
>>> Create: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
>>>
>>> Create method for migrating any and all custom Managed Entries from
>>> the cn=config space into the new container.
>>>
>>> The Managed Entries plugin configurations weren't being created on
>>> replica installs.
>>>
>>> This patch addresses two seperate tickets and accounts for
>>> new installs, replica installs, and upgrades.
>>>
>>> https://fedorahosted.org/freeipa/ticket/1181 - Managed Entry Tool / New Container
>>> https://fedorahosted.org/freeipa/ticket/1222 - Add Managed Entries during Replica installation
>>>
>>
>> Well, I like this in spirit but this requires a yet-unreleased version of 389-ds, right?
>>
>> Should we take the intermediate step of your previous 28 patch and my 786 and then address moving entries once 389-ds is released?
>>
>
> Hrm. You have a good point...
>
> Should I plan on deleting the .update files for user private groups and nis/host groups in the separate patch that institutes the container move?
Not sure I follow.
What I'd like to do is take an incremental approach. Lets get managed
entries working at all on replicas first, then deal with moving the
configuration once this functionality is widely available.
rob
rob
More information about the Freeipa-devel
mailing list