On Fri, 14 Jan 2011 13:30:18 +0100 Jakub Hrozek <jhro...@redhat.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/14/2011 12:59 PM, Jakub Hrozek wrote: > > On 01/14/2011 12:52 AM, Simo Sorce wrote: > > > >> Ticket #760 > > > > > > Ack > > Sorry, I have to witdhdraw my ack. I'm getting an installation error > with this patch: > > - ----------------------------------------------------------------- > 2011-01-14 07:25:13,490 INFO stdout=add objectclass: > mepTemplateEntry > add cn: > NGP HGP Template > add mepRDNAttr: > cn > add mepStaticAttr: > ipaUniqueId: autogenerate > objectclass: ipanisnetgroup > objectclass: ipaobject > nisDomainName: idm.lab.bos.redhat.com > add mepMappedAttr: > cn: $cn > memberHost: $dn > description: ipaNetgroup $cn > adding new entry "cn=NGP HGP > Template,cn=etc,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com" > > > 2011-01-14 07:25:13,490 INFO stderr=ldap_initialize( > ldap://vm-061.idm.lab.bos.redhat.com ) > ldap_add: No such object (32) > matched DN: dc=idm,dc=lab,dc=bos,dc=redhat,dc=com > > 2011-01-14 07:25:13,490 CRITICAL Failed to load host_nis_groups.ldif: > Command '/usr/bin/ldapmodify -h vm-061.idm.lab.bos.redhat.com -v -f > /tmp/tmpQdQTOE -x -D cn=Directory Manager -y /tmp/tmpoMHTnX' returned > non-zero exit status 32 > - ----------------------------------------------------------------- > > Since it didn't even match cn=etc, it looks like this step was run > before the bootstrapping step? Thanks for catching this one. Attached a patch that moves templates creation after we bootstrap and create cn=etc. As a nice side effect the mep entry for admin is not created (we want it that way as we already have the admins group). Simo. -- Simo Sorce * Red Hat, Inc * New York
>From c794fdb05cb05ebd7997022aacbf02840717bdb6 Mon Sep 17 00:00:00 2001 From: Simo Sorce <sso...@redhat.com> Date: Thu, 13 Jan 2011 16:00:36 -0500 Subject: [PATCH] Move mep templates under cn=etc Fixes: https://fedorahosted.org/freeipa/ticket/760 --- install/share/host_nis_groups.ldif | 4 ++-- install/share/user_private_groups.ldif | 4 ++-- ipaserver/install/dsinstance.py | 4 ++-- ipaserver/plugins/ldap2.py | 3 ++- 4 files changed, 8 insertions(+), 7 deletions(-) diff --git a/install/share/host_nis_groups.ldif b/install/share/host_nis_groups.ldif index 24bb136ece442acba8665de27a5aa930f3f0b14e..b29d982cc6a1b8d419771fef1aac0e539960162c 100644 --- a/install/share/host_nis_groups.ldif +++ b/install/share/host_nis_groups.ldif @@ -1,4 +1,4 @@ -dn: cn=NGP HGP Template,$SUFFIX +dn: cn=NGP HGP Template,cn=etc,$SUFFIX changetype: add objectclass: mepTemplateEntry cn: NGP HGP Template @@ -18,4 +18,4 @@ cn: HGP Definition originScope: cn=hostgroups,cn=accounts,$SUFFIX originFilter: objectclass=ipahostgroup managedBase: cn=ng,cn=alt,$SUFFIX -managedTemplate: cn=NGP HGP Template,$SUFFIX +managedTemplate: cn=NGP HGP Template,cn=etc,$SUFFIX diff --git a/install/share/user_private_groups.ldif b/install/share/user_private_groups.ldif index 6a3f49d8626c7c721aae6cd0d71e0c4ca52d4650..9df729a47207d2ab3dd30f763a73d05b102d882b 100644 --- a/install/share/user_private_groups.ldif +++ b/install/share/user_private_groups.ldif @@ -1,4 +1,4 @@ -dn: cn=UPG Template,$SUFFIX +dn: cn=UPG Template,cn=etc,$SUFFIX changetype: add objectclass: mepTemplateEntry cn: UPG Template @@ -17,5 +17,5 @@ cn: UPG Definition originScope: cn=users,cn=accounts,$SUFFIX originFilter: objectclass=posixAccount managedBase: cn=groups,cn=accounts,$SUFFIX -managedTemplate: cn=UPG Template,$SUFFIX +managedTemplate: cn=UPG Template,cn=etc,$SUFFIX diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 284bf242948aa3bb3ca80c5a4529e26a74767245..2bec95ce5aa2d34022f69570c09dfb40aa03cdec 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -208,10 +208,10 @@ class DsInstance(service.Service): self.step("configuring ssl for ds instance", self.__enable_ssl) self.step("configuring certmap.conf", self.__certmap_conf) self.step("restarting directory server", self.__restart_instance) + + def __common_post_setup(self): self.step("configuring user private groups", self.__user_private_groups) self.step("configuring netgroups from hostgroups", self.__host_nis_groups) - - def __common_post_setup(self): self.step("initializing group membership", self.init_memberof) self.step("adding master entry", self.__add_master_entry) self.step("configuring Posix uid/gid generation", diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index a728199eb25292c9a5a513f371d4b2a154fd1eb4..c2aae2be3e0ba082df7b72e9aef19fe56edbc67a 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -625,7 +625,8 @@ class ldap2(CrudBackend, Encoder): if _upg is None: try: upg_entry = self.conn.search_s( - 'cn=UPG Template, %s' % api.env.basedn, _ldap.SCOPE_BASE, + 'cn=UPG Template,cn=etc,%s' % api.env.basedn, + _ldap.SCOPE_BASE, attrlist=['*'] )[0] _upg = True -- 1.7.3.4
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel