[Freeipa-devel] tbabej's [PATCH 0324] replica-manage: properly delete nested entries

[Martin Babinsky]

The attached patch contains fix for bug 
https://fedorahosted.org/freeipa/ticket/5019 which Tomas posted on 
freeipa-devel here:


https://www.redhat.com/archives/freeipa-devel/2015-May/msg00045.html

I have reviewed the patch and it works, so ACK.

I have just changed the commit message to something more meaningful.

--
Martin^3 Babinsky
From 961fba0e09b4825e9db09f26fa19daba336ae437 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Wed, 6 May 2015 15:06:56 +0200
Subject: [PATCH] replica-manage: Properly delete nested entries

Bad ordering of LDAP entries during replica removal resulted in a failure to
delete replica and its services from cn=masters,cn=ipa,cn=etc,$SUFFIX. This
patch enforces the correct ordering of entries resulting in proper removal of
services before the host entry itself.

https://fedorahosted.org/freeipa/ticket/5019

---
 install/tools/ipa-replica-manage | 2 +-
 ipaserver/install/replication.py | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 4f92c0c927b3267eeb466a06d3283823c05437b0..0d2688e6d73b1591c5e386656b7198c20d71558a 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -322,7 +322,7 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False):
 ipautil.realm_to_suffix(realm))
 entries = repl1.conn.get_entries(dn, repl1.conn.SCOPE_SUBTREE)
 if entries:
-entries.sort(key=len, reverse=True)
+entries.sort(key=lambda x: len(x.dn), reverse=True)
 for entry in entries:
 repl1.conn.delete_entry(entry)
 except Exception, e:
diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py
index 66764c22f69328942fe2e4581cfafb3806438d7c..b84a223b0c6841c5e5b48231f0cdef1891023822 100644
--- a/ipaserver/install/replication.py
+++ b/ipaserver/install/replication.py
@@ -1152,7 +1152,7 @@ class ReplicationManager(object):
 self.suffix, ldap.SCOPE_SUBTREE,
 filter='(krbprincipalname=*/%s@%s)' % (replica, realm))
 if entries:
-entries.sort(key=len, reverse=True)
+entries.sort(key=lambda x: len(x.dn), reverse=True)
 for entry in entries:
 self.conn.delete_entry(entry)
 except errors.NotFound:
@@ -1194,7 +1194,7 @@ class ReplicationManager(object):
 ('cn', 'etc'), self.suffix)
 entries = self.conn.get_entries(dn, ldap.SCOPE_SUBTREE)
 if entries:
-entries.sort(key=len, reverse=True)
+entries.sort(key=lambda x: len(x.dn), reverse=True)
 for entry in entries:
 self.conn.delete_entry(entry)
 except errors.NotFound:
-- 
2.1.0

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] tbabej's [PATCH 0324] replica-manage: properly delete nested entries

[Petr Vobornik]

On 05/26/2015 09:37 AM, Martin Babinsky wrote:

The attached patch contains fix for bug
https://fedorahosted.org/freeipa/ticket/5019 which Tomas posted on
freeipa-devel here:

https://www.redhat.com/archives/freeipa-devel/2015-May/msg00045.html

I have reviewed the patch and it works, so ACK.

I have just changed the commit message to something more meaningful.



Pushed to:
master: c5f319d3e8d1b5e500225af207ac247f75baea17
ipa-4-1: aa83d2011268195d2a183c1de67560536b83ff72

--
Petr Vobornik

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code