On Wed, 2012-02-29 at 10:31 -0500, Rob Crittenden wrote: > Martin Kosek wrote: > > On Tue, 2012-02-28 at 17:36 -0500, Rob Crittenden wrote: > >> We were setting the GID of migrated users to that of the default user's > >> group (ipausers) when it should have been the same as the UID unless UPG > >> was disabled. > >> > >> This does the right thing and fixes migration which was broken when we > >> made ipausers a non-posix group. > >> > >> rob > > > > NACK > > > > This is a good start, but you missed a case when UPGs are disabled. We > > crash in that case: > > > > # ipa-managed-entries -e 'UPG Definition' disable > > Disabling Plugin > > # ipa migrate-ds --user-container=ou=People --group-container=ou=Groups > > ldap://vm-054.idm.lab.bos.redhat.com --bind-dn="cn=Directory Manager" > > Password: > > ipa: ERROR: an internal error has occurred > > > > /var/log/httpd/error_log: > > [Wed Feb 29 09:15:36 2012] [error] ipa: ERROR: non-public: KeyError: > > 'gidnumber' > > [Wed Feb 29 09:15:36 2012] [error] Traceback (most recent call last): > > [Wed Feb 29 09:15:36 2012] [error] File > > "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 314, in > > wsgi_execute > > [Wed Feb 29 09:15:36 2012] [error] result = self.Command[name](*args, > > **options) > > [Wed Feb 29 09:15:36 2012] [error] File > > "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 443, in > > __call__ > > [Wed Feb 29 09:15:36 2012] [error] ret = self.run(*args, **options) > > [Wed Feb 29 09:15:36 2012] [error] File > > "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 721, in run > > [Wed Feb 29 09:15:36 2012] [error] return self.execute(*args, **options) > > [Wed Feb 29 09:15:36 2012] [error] File > > "/usr/lib/python2.7/site-packages/ipalib/plugins/migration. py", line 667, > > in execute > > [Wed Feb 29 09:15:36 2012] [error] ldap, config, ds_ldap, ds_base_dn, > > options > > [Wed Feb 29 09:15:36 2012] [error] File > > "/usr/lib/python2.7/site-packages/ipalib/plugins/migration. py", line 605, > > in migrate > > [Wed Feb 29 09:15:36 2012] [error] **blacklists > > [Wed Feb 29 09:15:36 2012] [error] File > > "/usr/lib/python2.7/site-packages/ipalib/plugins/migration. py", line 125, > > in _pre_migrate_user > > [Wed Feb 29 09:15:36 2012] [error] ctx['def_group_gid'] = > > g_attrs['gidnumber'][0] > > [Wed Feb 29 09:15:36 2012] [error] KeyError: 'gidnumber' > > [Wed Feb 29 09:15:36 2012] [error] ipa: INFO: ad...@idm.lab.bos.redhat.com: > > migrate_ds(u'ldap://vm-054.idm.lab.bos.redhat.com', u'********', > > binddn=u'cn=Directory Manager', usercontainer=u'ou=People', > > groupcontainer=u'ou=Groups', userobjectclass=(u'person',), > > groupobjectclass=(u'groupOfUniqueNames', u'groupOfNames'), > > userignoreobjectclass=None, userignoreattribute=None, > > groupignoreobjectclass=None, groupignoreattribute=None, > > groupoverwritegid=False, schema=u'RFC2307bis', continue=False, > > exclude_groups=None, exclude_users=None): KeyError > > > > > > Martin > > > > Updated. Will now report an error if the default group is not POSIX and > UPG is disabled. > > rob
Yup, that should be enough. ACK. Pushed to master, ipa-2-2. Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
