On 08/08/2012 09:37 AM, Martin Kosek wrote:
I started reviewing the latest state of your DN effort in your git repo. It is
in much better shape than before, but I still found some issues in utilities we
use. I am sending what I have found so far.


1) ipa-managed-entries is broken
# ipa-managed-entries -l
Available Managed Entry Definitions:
[u'UPG Definition']
[u'NGP Definition']

# ipa-managed-entries -e 'UPG Definition' status
Unexpected error
AttributeError: 'LDAPEntry' object has no attribute 'originfilter'

O.K. will investigate

2) ipa-replica-prepare is broken when --ip-address is passed
# ipa-replica-prepare vm-055.idm.lab.bos.redhat.com --ip-address=
Directory Manager (existing master) password:

Preparing replica for vm-055.idm.lab.bos.redhat.com from
Creating SSL certificate for the Directory Server
Creating SSL certificate for the dogtag Directory Server
Creating SSL certificate for the Web Server
Exporting RA certificate
Copying additional files
Finalizing configuration
Packaging replica information into
Adding DNS records for vm-055.idm.lab.bos.redhat.com
preparation of replica failed: invalid 'ip_address': Gettext('invalid IP
address format', domain='ipa', localedir=None)
invalid 'ip_address': Gettext('invalid IP address format', domain='ipa',
   File "/sbin/ipa-replica-prepare", line 464, in <module>

   File "/sbin/ipa-replica-prepare", line 452, in main

   File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
line 302, in add_zone

   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 433, in 

   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 705, in 
     param.validate(value, self.env.context, supplied=param.name in kw)

   File "/usr/lib/python2.7/site-packages/ipalib/parameters.py", line 879, in

   File "/usr/lib/python2.7/site-packages/ipalib/parameters.py", line 900, in

Yes, I saw the same thing, but I don't think it's has anything to do with dn's. I even asked about this on IRC yesterday. Are you sure this isn't broken on master as well? When I looked at the code it just looked wrong and I didn't touch anything in this area. Can someone do a quick check on master and see if the problem exists there too?

3) ipa-replica-manage list is broken:
# ipa-replica-manage list
Failed to get data from 'vm-086.idm.lab.bos.redhat.com':
scope=1, filterstr="(objectClass=*)"

I think the problem here is that the following code in ipa-replica-manage
returns an exception when no entry in cn=replicas is found (which is ok):

         dn = DN(('cn', 'replicas'), ('cn', 'ipa'), ('cn', 'etc'),
         entries = conn.getList(dn, ldap.SCOPE_ONELEVEL)

O.K. thanks, will investigate, seems like a simple fix.

4) IPA compliance is broken

# ipa-compliance
IPA compliance checking failed:

This is the traceback (some DN was left in string format):
Traceback (most recent call last):
   File "/sbin/ipa-compliance", line 198, in <module>
   File "/sbin/ipa-compliance", line 179, in main
     check_compliance(tmpdir, options.debug)
   File "/sbin/ipa-compliance", line 121, in check_compliance
     size_limit = -1)
   File "/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line
1087, in find_entries
     assert isinstance(base_dn, DN)

O.K. will investigate, seems like a simple fix.

Btw. Petr Vobornik is testing Web UI, so far so good


John Dennis <jden...@redhat.com>

Looking to carve out IT costs?

Freeipa-devel mailing list

Reply via email to