[Freeipa-devel] ipa-replica-manage del fails to delete host entry
Tomas Babej
tbabej at redhat.com
Wed May 6 13:07:52 UTC 2015
On 05/06/2015 02:47 PM, Ludwig Krispenz wrote:
>
> Hi,
> in recent posts about corrupted ruvs, there also was the error about
> failing cleanup, like:
>
> ipa-replica-manage del vm-162.idm.lab.eng.brq.redhat.com
>
> ..
> Failed to cleanup vm-162.idm.lab.eng.brq.redhat.com entries: Not
> allowed on non-leaf entry
>
> in the access log we see
>
> [06/May/2015:14:19:11 +0200]conn=30 op=17 SRCH
> base="cn=vm-162.idm.lab.eng.brq.redhat.com,cn=masters,cn=ipa,cn=etc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
> scope=2 filter="(objectClass=*)" attrs=ALL
>
> [06/May/2015:14:19:11 +0200] conn=30 op=17 RESULT err=0 tag=101
> nentries=6 etime=0 notes=U
> [06/May/2015:14:19:11 +0200] conn=30 op=18 DEL
> dn="cn=vm-162.idm.lab.eng.brq.redhat.com,cn=masters,cn=ipa,cn=etc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
> [06/May/2015:14:19:11 +0200] conn=30 op=18 RESULT err=66 tag=107
> nentries=0 etime=0
>
> which means that there was an attempt to remove the host before the
> services
>
> in replica_cleanup we have:
>
> # delete master entry with all active services
>
> try:
> dn = DN(('cn', replica), ('cn', 'masters'), ('cn', 'ipa'),('cn',
> 'etc'), self.suffix)
> entries = self.conn.get_entries(dn, ldap.SCOPE_SUBTREE)
> if entries:
> entries.sort(key=len, reverse=True)
> for entry in entries:
> self.conn.delete_entry(entry)
>
> this intends to delete children befor the parent, as teh dns of
> children are longer, but get_entries does return a list of entries,
> not DNs, and so the sorting does not work as can be seen in this example:
>
> >>> list = [('123456','A'),('123','B'),('12345678','C')]
>
> >>> list.sort(key=len,reverse=True)
>
> >>> for l in list:
>
> ... print l
>
> ...
>
> ('123456', 'A')
>
> ('123', 'B')
>
> ('12345678', 'C')
>
>
>
A quick fix would be to use key=lambda x: len(x.dn) then.
Tomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150506/1ccccc43/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-tbabej-0324-replica-manage-Properly-delete-nested-entries.patch
Type: text/x-patch
Size: 2251 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150506/1ccccc43/attachment.bin>
More information about the Freeipa-devel
mailing list