On 02/25/2015 02:34 PM, Martin Basti wrote:
Modifications:
* All plugins are migrated into new configuration style.
* I left attribute uniqueness plugin disabled, cn=uid
uniqueness,cn=plugins,cn=config is checking the same attribute.
* POST_UPDATE plugin for uid removed, I moved it to update file. Is it
okay Alexander? I haven't found reason why we need to do it in update
plugin.
Thierry, I touched configuration of plugins, which user lifecycle
requires, can you take look if I it does not break anything?
Patches attached.
Hello Martin,
The fix looks good. I have just one question regarding
install/updates/10-uniqueness.update.
For example :
# uid uniqueness scopes Active/Delete containers
dn: cn=attribute uniqueness,cn=plugins,cn=config
-remove:nsslapd-pluginarg1:'$SUFFIX'
-add:nsslapd-pluginarg1:'cn=accounts,$SUFFIX'
-add:nsslapd-pluginarg2:'cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX'
+remove:uniqueness-subtrees:'$SUFFIX'
+add:uniqueness-subtrees:'cn=accounts,$SUFFIX'
+add:uniqueness-subtrees:'cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX'
remove:nsslapd-pluginenabled:off
add:nsslapd-pluginenabled:on
If we update the rpm from a version where 'nsslapd-pluginarg1' was used.
It will not remove it and we will have 'nsslapd-pluginarg1' along with
'uniqueness-subtrees'.
Should not we keep 'remove:nsslapd-pluginarg1:'$SUFFIX'' ?
thanks
thierry
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel