I found a couple of problems in error handling in ipa-replica-manage when doing some oddball testing. See the ticket for full details.

This may apply by itself but in my tree it exists after patch 1088.

>From 0d86454ccbfb68ec6ff43937989d4153b5bd48d5 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcrit...@redhat.com>
Date: Fri, 1 Mar 2013 17:45:41 -0500
Subject: [PATCH] Improve some error handling in ipa-replica-manage

If you break a replica install after the agreement is created but
before it gets much further you'll be in the situation where an
agreement exists, no cn=masters entry exists, and the RUV may not
be set yet.

This adds some error handling so the broken install can be safely

 install/tools/ipa-replica-manage | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index a5e36df6d912d3537675ee96010dcc6313248786..6c0b45620dd2deabfc11ef2249b18205fb23b1fd 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -650,8 +650,11 @@ def del_master(realm, hostname, options):
         for master_cn in [m.single_value('cn') for m in masters]:
             master_dn = DN(('cn', master_cn), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), ipautil.realm_to_suffix(realm))
-            services = delrepl.conn.get_entries(master_dn,
-                                                delrepl.conn.SCOPE_ONELEVEL)
+            try:
+                services = delrepl.conn.get_entries(master_dn,
+                                                    delrepl.conn.SCOPE_ONELEVEL)
+            except errors.NotFound:
+                continue
             services_cns = [s.single_value('cn') for s in services]
             if master_cn == hostname:
@@ -686,7 +689,7 @@ def del_master(realm, hostname, options):
                 "from %s: %s" % (hostname, r, e))
     # 5. Clean RUV for the deleted master
-    if repltype == replication.IPA_REPLICA:
+    if repltype == replication.IPA_REPLICA and rid is not None:
         except KeyboardInterrupt:

Freeipa-devel mailing list

Reply via email to