On Tue, 2011-09-06 at 22:33 +0000, JR Aquino wrote:
> On Jul 22, 2011, at 6:54 AM, Martin Kosek wrote:
> > On Thu, 2011-07-21 at 23:00 +0000, JR Aquino wrote:
> >> Create: cn=Managed Entries,cn=etc,$SUFFIX
> >> Create: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
> >> Create: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
> >> Create method for migrating any and all custom Managed Entries from
> >> the cn=config space into the new container.
> >> The Managed Entries plugin configurations weren't being created on
> >> replica installs.
> >> This patch addresses two seperate tickets and accounts for
> >> new installs, replica installs, and upgrades.
> >> https://fedorahosted.org/freeipa/ticket/1181 - Managed Entry Tool / New
> >> Container <A separate patch will cover the management tool>
> >> https://fedorahosted.org/freeipa/ticket/1222 - Add Managed Entries during
> >> Replica installation <extended solution>
> > I found few issues with the patch (tested along with 25):
> > 1) When upgrading an old instance, NGP and UGP definitions in
> > cn=Managed Entries,cn=plugins,cn=config were not deleted. This lead to 2
> > managed entries plugin definitions
> Fixed this condition. 389 prohibits the deletion of Managed Entries while
> they are active.
> I had to perform the repointing to the new cn=etc container, perform the
> migration of the legacy configs, then perform a restart of dirsrv.
> > 2) Managed entries on a replica didn't work for me. For example UPG was
> > created on a master, but was not on a replica
> This should also be resolved now.
> > Martin
> I had to break out the connection code in update for ldapupdate.py so that
> connections could be reestablished post dirsrv restart.
> I also had to create a service class to perform the restart.
> installutils.py has been modified to provide wait_for_open_socket() similar
> to wait_for_open_port()
I tested you patch, it works fine for both upgrading the replicas and
new installations. Old Managed Entries definitions were successfully
I just found few issues with the patch format itself:
1) Commit message is all wrong, its all on the Subject line which is
then put to commit title during "git am". I suggest using our standard
commit message formatting:
2) There were few whitespace errors:
$ git apply
Otherwise the patch looks good to me, if it is OK with Rob (since he
wrote the entire ldapupdate.py) I think we can push it after you fix the
2 changes I proposed.
Freeipa-devel mailing list