On 02/13/2015 12:10 PM, David Kupka wrote:
On 01/30/2015 11:00 AM, Martin Babinsky wrote:
On 01/30/2015 10:54 AM, Martin Babinsky wrote:
Attached patch fixes https://fedorahosted.org/freeipa/ticket/4864.

Freeipa-devel mailing list

Got the ticket number wrong. Should be

Attaching patch with fixed description.

Freeipa-devel mailing list

thanks for the patch. It works as expected but you've done two things in
one patch:
1. Added check for empty migration.
2. Removed unused parameter of function.

Each of them would be enough to fix the issue. Raising error seems to be
better solution.
If you think that unused parameters (yes, there is not only one :-)
should be removed please do it in separate patch.

Very well,

I am attaching patch which features only the check for empty user/group containers during migration.

I will also add example steps to reproduce https://fedorahosted.org/freeipa/ticket/4846 since it can be a bit tricky:

1. Setup 389 directory server on one machine using setup-ds.pl script.

2. Delete all user and group entries from LDAP tree.

3. Setup an IPA master on another machine.

4. Enable migration of users/groups from 389DS to IPA master:
   ipa config-mod --enable-migration=True

5. Force-migrate users/group from 389DS:
   ipa migrate-ds ${389DS_LDAP_URI} --continue --with-compat

6. See /var/log/httpd/error_log for the resulting traceback.

Martin^3 Babinsky
From c6fc22e1d1795df2ea34a15fea4e09d7e42965bf Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabi...@redhat.com>
Date: Fri, 13 Feb 2015 17:53:27 +0100
Subject: [PATCH 2/2] migrate-ds: exit with error message if no users/groups to
 migrate are found

'ipa migrate-ds' will now exit with error message if no suitable users/groups
are found on LDAP server during migration.


 ipalib/plugins/migration.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py
index cd1fa73f8f514fa5441bea482199291450c87008..d9406907bb2679ad443ae8c90f01740fe15487a7 100644
--- a/ipalib/plugins/migration.py
+++ b/ipalib/plugins/migration.py
@@ -841,6 +841,12 @@ can use their Kerberos accounts.''')
                     api.log.info("%d %ss migrated. %s elapsed." % (migrate_cnt, ldap_obj_name, total_dur))
                 api.log.debug("%d %ss migrated, duration: %s (total %s)" % (migrate_cnt, ldap_obj_name, d, total_dur))
+        # if no users/groups were found (all lists in 'migrated' are empty),
+        # we raise an error that there is nothing to migrate
+        if not any(migrated.values()):
+            raise errors.NotFound(
+                reason=_("Found no users/groups to migrate "
+                         "from '%(ds_ldap)s'.") % dict(ds_ldap=ds_ldap))
         _update_default_group(ldap, pkey, config, context, True)
         return (migrated, failed)

Freeipa-devel mailing list

Reply via email to