Re: [Freeipa-devel] [PATCH 0377-0382] Synchronize changes from LDAP after reconnect
Hi, functionality seems to work fine. I have not checked the code thoroughly. Kind of a test is attached (requires setting named's ldap connection appropriately). ACK Matúš Honěk - Original Message - From: Petr Spacek pspa...@redhat.com To: tho...@redhat.com, Matus Honek mho...@redhat.com Cc: freeipa-devel@redhat.com Sent: Wednesday, May 27, 2015 2:50:52 PM Subject: [PATCH 0377-0382] Synchronize changes from LDAP after reconnect Hello, https://fedorahosted.org/bind-dyndb-ldap/ticket/128 Previously records deleted when connection to LDAP server was down were not synchronized properly. It should work now. I use this command to simulate broken connections and connection re-establishment: $ socat tcp-listen:3899,reuseaddr,fork tcp-connect:localhost:389 It should be enough to add ldap://$(hostname):3899 as LDAP URI to /etc/named.conf and then simulate changes by killing and restarting socat. Let me know if you need any assistance! -- Petr^2 Spacek test-resync-on-unavailability.sh Description: application/shellscript -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0367] Support unknown record types (RFC 3597)
Works with correct privileges checking, as in your patch attached. ACK Matúš Honěk - Original Message - From: Petr Spacek pspa...@redhat.com To: tho...@redhat.com Cc: freeipa-devel@redhat.com, Matus Honek mho...@redhat.com Sent: Friday, May 22, 2015 10:03:49 AM Subject: Re: [Freeipa-devel] [PATCH 0367] Support unknown record types (RFC 3597) On 18.5.2015 17:31, Petr Spacek wrote: Hello, This patch is unrelated to metaDB but it should be merged before alpha, too. Thank you for review! Support unknown record types (RFC 3597). Fallback to generic LDAP attribute UnknownRecord;TYP256 if attempt to add specific attribute like URIRecord failed with LDAP_OBJECT_CLASS_VIOLATION and always delete both attributes like URIRecord and UnknownRecord;TYPE256. https://fedorahosted.org/bind-dyndb-ldap/ticket/157 Fixed version is attached. Version 1 could dereference NULL pointers in second iteration of while loops. -- Petr^2 Spacek diff --git a/src/ldap_helper.c b/src/ldap_helper.c index 67a1c9a..944169a 100644 --- a/src/ldap_helper.c +++ b/src/ldap_helper.c @@ -3112,7 +3112,7 @@ retry: log_ldap_error(ldap_conn-handle, while %s entry '%s', operation_str, dn); /* attempt to manipulate attribute failed - likely a unknown RR type */ - if (err_code == LDAP_OBJECT_CLASS_VIOLATION) + if (err_code == LDAP_OBJECT_CLASS_VIOLATION || err_code == LDAP_INSUFFICIENT_ACCESS) CLEANUP_WITH(DNS_R_UNKNOWN); /* do not error out if we are trying to delete an -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0368-0371] Support LDAP MODRDN for ordinary DNS records
Hello, patches seem to work all right. Thus ACK. Matúš Honěk - Original Message - From: Petr Spacek pspa...@redhat.com To: tho...@redhat.com, Matus Honek mho...@redhat.com Cc: freeipa-devel@redhat.com Sent: Wednesday, May 20, 2015 9:06:47 AM Subject: [PATCH 0368-0371] Support LDAP MODRDN for ordinary DNS records Hello, this patchset implements support for MODRDN for ordinary records. As noted in ticket https://fedorahosted.org/bind-dyndb-ldap/ticket/123, we agreed yesterday that renaming zones is out of scope and seems unnecessarily complex. This patch set depends on 'metadb' branch. It is also available from: https://github.com/pspacek/bind-dyndb-ldap/tree/modrdn Thank you for your time! -- Petr^2 Spacek -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
