[Freeipa-devel] [PATCH] 38 Move Managed Entries into their own container in the replicated space.

JR Aquino JR.Aquino at citrix.com
Thu Sep 8 17:41:36 UTC 2011


On Sep 8, 2011, at 10:06 AM, JR Aquino wrote:

> On Sep 8, 2011, at 4:38 AM, Martin Kosek wrote:
> 
>> On Tue, 2011-09-06 at 22:33 +0000, JR Aquino wrote:
>>> On Jul 22, 2011, at 6:54 AM, Martin Kosek wrote:
>>> 
>>>> On Thu, 2011-07-21 at 23:00 +0000, JR Aquino wrote:
>>>>> Create: cn=Managed Entries,cn=etc,$SUFFIX
>>>>> Create: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
>>>>> Create: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
>>>>> 
>>>>> Create method for migrating any and all custom Managed Entries from
>>>>> the cn=config space into the new container.
>>>>> 
>>>>> The Managed Entries plugin configurations weren't being created on
>>>>> replica installs.
>>>>> 
>>>>> This patch addresses two seperate tickets and accounts for
>>>>> new installs, replica installs, and upgrades.
>>>>> 
>>>>> https://fedorahosted.org/freeipa/ticket/1181 - Managed Entry Tool / New Container <A separate patch will cover the management tool>
>>>>> https://fedorahosted.org/freeipa/ticket/1222 - Add Managed Entries during Replica installation <extended solution>
>>>> 
>>>> I found few issues with the patch (tested along with 25):
>>>> 
>>>> 1) When upgrading an old instance, NGP and UGP definitions in
>>>> cn=Managed Entries,cn=plugins,cn=config were not deleted. This lead to 2
>>>> managed entries plugin definitions
>>> 
>>> Fixed this condition.  389 prohibits the deletion of Managed Entries while they are active.
>>> I had to perform the repointing to the new cn=etc container, perform the migration of the legacy configs, then perform a restart of dirsrv.
>>> 
>>>> 
>>>> 2) Managed entries on a replica didn't work for me. For example UPG was
>>>> created on a master, but was not on a replica
>>> 
>>> This should also be resolved now.
>>> 
>>>> 
>>>> Martin
>>>> 
>>> 
>>> I had to break out the connection code in update for ldapupdate.py so that connections could be reestablished post dirsrv restart.
>>> 
>>> I also had to create a service class to perform the restart.
>>> 
>>> installutils.py has been modified to provide wait_for_open_socket() similar to wait_for_open_port()
>>> 
>> 
>> Hello JR,
>> 
>> I tested you patch, it works fine for both upgrading the replicas and
>> new installations. Old Managed Entries definitions were successfully
>> deleted.
>> 
>> I just found few issues with the patch format itself:
>> 
>> 1) Commit message is all wrong, its all on the Subject line which is
>> then put to commit title during "git am". I suggest using our standard
>> commit message formatting:
>> 
>> COMMIT_TITLE
>> 
>> COMMIT_DESCRIPTION
>> 
>> TRAC_TICKET_LINK
>> 
>> 2) There were few whitespace errors:
>> $ git apply ~/freeipa-jraquino-0038-Move-Managed-Entries-into-their-own-container.patch
>> /home/mkosek/freeipa-jraquino-0038-Move-Managed-Entries-into-their-own-container.patch:519: trailing whitespace.
>> 
>> /home/mkosek/freeipa-jraquino-0038-Move-Managed-Entries-into-their-own-container.patch:526: trailing whitespace.
>> 
>> Otherwise the patch looks good to me, if it is OK with Rob (since he
>> wrote the entire ldapupdate.py) I think we can push it after you fix the
>> 2 changes I proposed.
> 
> Fixed the whitespace errors and adjusted the commit message.
> 
> <freeipa-jraquino-0038-Move-Managed-Entries-into-their-own-container.patch>

Self NAK

Looks like I missed a piece in this recent patch that creates the cn=etc containers out of order.

New patch to follow shortly





More information about the Freeipa-devel mailing list