On Mon, 08 Aug 2016, Petr Vobornik wrote:
On 08/08/2016 12:26 PM, Alexander Bokovoy wrote:
On Mon, 08 Aug 2016, Alexander Bokovoy wrote:
Hi!

Attached patch is what is needed to allow external plugins for FreeIPA
framework to be functional if they need to extend a schema.

The idea is that we would have a separate directory as
/usr/share/ipa/schema.d and will allow to use schema (*.ldif) files from
it and its subdirectories during install and upgrade stages.

Without the patch only selected schema files from /usr/share/ipa are
used during install and upgrade. This leads to a failure to install IPA
server (or upgrade it) if a new plugin is added. If plugin defines
managed permissions, upgrade tool will generate ACIs which will fail to
be inserted into LDAP store due to references to missing attributes and
object classes.

The patch adds a directory to be installed and a helper utility that
loads files from the directory and adds them to the list of schema files
used during update of dsinstance and upgrade of the server.

With this patch I'm successfully managed to make FleetCommander
integration plugin completely independent of FreeIPA.
Patch attached now. ;)


I'll assume that we want to target 4.4.x therefore it can be pushed to
master, right? I.e. no need for creating ipa-4-4 branch atm.
Right.

Reasoning is that currently F24 has 4.3.x. F25 will most likely have
4.4.x because 4.5 is still in planning.
Sounds good to me. FleetCommander (which is one of drivers behind the
patches) is targeting F25 as well.

--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to