Dne 12.1.2015 v 16:30 Rob Crittenden napsal(a):
Jan Cholasta wrote:
Dne 12.1.2015 v 13:37 David Kupka napsal(a):
On 01/12/2015 01:14 PM, Jan Cholasta wrote:
Dne 12.1.2015 v 13:08 Martin Kosek napsal(a):
On 01/12/2015 12:53 PM, David Kupka wrote:

Looking at this patch, are data-only backups supposed to work properly
Wouldn't for example Directory Server fail to start when cn=config
contain some
hostname-bound values?

Just checking...

IMO the error should be raised in both data-only and full restore, if in
unattended mode or the user wishes not to continue.

Description of the problem in ticket states: "I tried to run ipa-restore
(full kind) on replica from full backup taken on master and was
expecting an error message that restore can not proceed and only data
restore possible."

I created the patch based on this request. Is it wrong and should
ipa-restore fail every time when hostnames does not match?

Yes, as Martin pointed out, the data may contain references to the

Does it make
sense to allow user to force the restoration in this case?

Yes, if the users wish, they should be allowed to continue.

IIRC a data restore is just the data from the replicated tree so there
is nothing hostname-specific. It is probably worth investigating so we
don't go too far one way or the other.

There's at least cn=<fqdn>,cn=masters,cn=etc,<suffix>.

A full restore definitely shouldn't be done on the wrong host as it will
restore certificates and keytabs that are definitely host-specific.

Should the continue prompt be removed then?


Jan Cholasta

Freeipa-devel mailing list

Reply via email to