Re: [Freeipa-devel] [PATCH] 397 Do not crash when replica is unreachable in ipa-restore
On 01/27/2015 07:59 PM, Rob Crittenden wrote: Martin Kosek wrote: On 01/27/2015 08:40 AM, Jan Cholasta wrote: Hi, the attached patch fixes https://fedorahosted.org/freeipa/ticket/4857. Honza Works like a charm, ACK. Pushed to: master: deb70d5b13ce0e7ec77debb4aa17d75df4c1dedd ipa-4-1: 74853b66f092a057c22ee811e945f631e6d65059 Sorry I missed this earlier, but this could be a timebomb. Ah, and I saw that one as a clear one. It means that there is some master out there that still has its old changelog and is waiting to push changes you may not want back to the restored master(s). This is a long shot, but doesn't changes done in https://fedorahosted.org/freeipa/ticket/4822 prevent other masters to sent updates and actually force them to re-initialize from restored master? Also CCing Thierry. It would definitely be worth testing a scenario like this: 3 masters, A, B, C. Backup A Add a bunch of data shut down C Restore A Re-init B Confirm that that data you added is gone Start up C See what happens. I suspect that data will be re-added. If this is the case, should we print big fat warning in ipa-restore Some of your replication agreements could not be disabled, there are the consequences... yadda yadda yadda... Are you sure you want to continue?? Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 397 Do not crash when replica is unreachable in ipa-restore
Martin Kosek wrote: On 01/27/2015 08:40 AM, Jan Cholasta wrote: Hi, the attached patch fixes https://fedorahosted.org/freeipa/ticket/4857. Honza Works like a charm, ACK. Pushed to: master: deb70d5b13ce0e7ec77debb4aa17d75df4c1dedd ipa-4-1: 74853b66f092a057c22ee811e945f631e6d65059 Sorry I missed this earlier, but this could be a timebomb. It means that there is some master out there that still has its old changelog and is waiting to push changes you may not want back to the restored master(s). It would definitely be worth testing a scenario like this: 3 masters, A, B, C. Backup A Add a bunch of data shut down C Restore A Re-init B Confirm that that data you added is gone Start up C See what happens. I suspect that data will be re-added. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 397 Do not crash when replica is unreachable in ipa-restore
On 01/27/2015 08:40 AM, Jan Cholasta wrote: Hi, the attached patch fixes https://fedorahosted.org/freeipa/ticket/4857. Honza Works like a charm, ACK. Pushed to: master: deb70d5b13ce0e7ec77debb4aa17d75df4c1dedd ipa-4-1: 74853b66f092a057c22ee811e945f631e6d65059 Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 397 Do not crash when replica is unreachable in ipa-restore
Hi,
the attached patch fixes https://fedorahosted.org/freeipa/ticket/4857.
Honza
--
Jan Cholasta
From 6270155705249b6b6bcb4665156d73f2f14edb86 Mon Sep 17 00:00:00 2001
From: Jan Cholasta jchol...@redhat.com
Date: Tue, 27 Jan 2015 07:38:06 +
Subject: [PATCH] Do not crash when replica is unreachable in ipa-restore
https://fedorahosted.org/freeipa/ticket/4857
---
ipaserver/install/ipa_restore.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py
index 562a793..b4ef808 100644
--- a/ipaserver/install/ipa_restore.py
+++ b/ipaserver/install/ipa_restore.py
@@ -458,6 +458,7 @@ class Restore(admintool.AdminTool):
self.dirman_password)
except Exception, e:
self.log.critical(Unable to disable agreement on %s: %s % (master, e))
+continue
master_dn = DN(('cn', master), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), api.env.basedn)
try:
@@ -482,6 +483,7 @@ class Restore(admintool.AdminTool):
self.dirman_password)
except Exception, e:
self.log.critical(Unable to disable agreement on %s: %s % (master, e))
+continue
host_entries = repl.find_ipa_replication_agreements()
hosts = [rep.single_value.get('nsds5replicahost')
--
2.1.0
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
