[Freeipa-devel] [PATCH] 786 Configure Managed Entries on replicas.
Martin Kosek
mkosek at redhat.com
Wed May 25 19:30:55 UTC 2011
On Wed, 2011-05-25 at 19:50 +0200, Martin Kosek wrote:
> On Wed, 2011-05-25 at 17:22 +0000, JR Aquino wrote:
> > On May 20, 2011, at 7:14 AM, Rob Crittenden wrote:
> >
> > > JR Aquino wrote:
> > >> On May 18, 2011, at 2:52 PM, Rob Crittenden wrote:
> > >>
> > >>> Rob Crittenden wrote:
> > >>>> The Managed Entries plugin configurations weren't being created on
> > >>>> replica installs. The templates were there but the cn=config portions
> > >>>> were not.
> > >>>>
> > >>>> This patch adds them as updates. The template portion will be added in
> > >>>> the initial replication.
> > >>>>
> > >>>> ticket 1222
> > >>>>
> > >>>> To test:
> > >>>>
> > >>>> Install a master
> > >>>> Install a replica
> > >>>> On replica: kinit
> > >>>> On replica: ipa user-add --first=timmy --last=test ttest
> > >>>> On replica: ipa group-show ttest
> > >>>> On master: ipa group-show ttest
> > >>>>
> > >>>> rob
> > >>>
> > >>> Updated patch attached. This requires jraquino patch 28 to work as expected.
> > >>>
> > >>> rob
> > >>> <freeipa-rcrit-786-2-replica.patch>
> > >>
> > >> NACK
> > >>
> > >> This patch is not applying to Master?
> > >>
> > >> error: patch failed: install/updates/Makefile.am:8
> > >> error: install/updates/Makefile.am: patch does not apply
> > >>
> > >
> > > Rebased, it depended on my patch 769.
> >
> > ACK
>
> Please keep in mind that the configuration for UPG plugin needs to be
> updated. My patch 67 with new --noprivate option for suppressing UPG
> creation for new user changed the originFilter configuration:
>
> originFilter: (&(objectclass=posixAccount)(!(description=__no_upg__)))
>
> This patch is not in ipa-2-0 branch, so the originFilter for this branch
> is the same as in this patch.
>
> Martin
>
Second ACK from me. I tested upgrading replica and it worked. Still, my
statement above is valid - this should be fixed before pushing.
As we spoke with Rob today, I wonder if we would want --noprivate option
also for ipa-2-0 branch. It may be useful.
Martin
More information about the Freeipa-devel
mailing list