Re: [Freeipa-devel] [PATCH 0030] fix clean-dangling-ruv in topologies with only one CA

[Martin Basti]

On 29.04.2016 14:39, Stanislav Laznicka wrote:

https://fedorahosted.org/freeipa/ticket/5840

Please review the attached patch.



ACK

Pushed to:
master: 7098d98100d61f9ed2efc6d4db635c24f9786040
ipa-4-3: 040e9a12b0a7c9f73b899ad2b0df24ae27957417

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [PATCH 0030] fix clean-dangling-ruv in topologies with only one CA

[Stanislav Laznicka]

https://fedorahosted.org/freeipa/ticket/5840

Please review the attached patch.
From a612e7d642b652b863ba92bfb1c7d6b64de8f4bd Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Mon, 25 Apr 2016 10:11:55 +0200
Subject: [PATCH] Fix to clean-dangling-ruv for single CA topologies

clean-dangling-ruv would fail in topologies with only one CA or
when only one IPA server is present

https://fedorahosted.org/freeipa/ticket/5840
---
 install/tools/ipa-replica-manage | 54 
 1 file changed, 33 insertions(+), 21 deletions(-)

diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 8920c402a9c7379ddd684813e87c1f11ea1fa926..14e768965601cef08f13792bb5cd086534199538 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -674,32 +674,44 @@ def clean_dangling_ruvs(realm, host, options):
   .format(host=master_cn))
 offlines.add(master_cn)
 continue
-
 try:
-entry = conn.get_entry(replica_dn)
-ruv = (master_cn, entry.single_value.get('nsDS5ReplicaID'))
-# the check whether ruv is already in ruvs is performed by set type
-ruvs.add(ruv)
-
-if(master_info['ca']):
-entry = conn.get_entry(csreplica_dn)
-csruv = (master_cn, entry.single_value.get('nsDS5ReplicaID'))
-csruvs.add(csruv)
-
-# get_ruv returns server names with :port which needs to be split off
-ruv_list = get_ruv(realm, master_cn, options.dirman_passwd,
-   options.nolookup)
-master_info['ruvs'] = set([
-(re.sub(':\d+', '', x), y)
-for (x, y) in ruv_list
-])
+try:
+entry = conn.get_entry(replica_dn)
+ruv = (master_cn, entry.single_value.get('nsDS5ReplicaID'))
+# the check whether ruv is already in ruvs is performed
+# by the set type
+ruvs.add(ruv)
+except errors.NotFound:
+pass
 
 if master_info['ca']:
-ruv_list = get_ruv(realm, master_cn, options.dirman_passwd,
-   options.nolookup, ca=True)
+try:
+entry = conn.get_entry(csreplica_dn)
+csruv = (master_cn,
+ entry.single_value.get('nsDS5ReplicaID'))
+csruvs.add(csruv)
+except errors.NotFound:
+pass
+
+try:
+ruv_dict = get_ruv_both_suffixes(realm, master_cn,
+ options.dirman_passwd,
+ options.verbose,
+ options.nolookup)
+except (RuntimeError, NoRUVsFound):
+continue
+
+# get_ruv_both_suffixes returns server names with :port
+# This needs needs to be split off
+if ruv_dict.get('domain'):
+master_info['ruvs'] = set([
+(re.sub(':\d+', '', x), y)
+for (x, y) in ruv_dict['domain']
+])
+if ruv_dict.get('ca'):
 master_info['csruvs'] = set([
 (re.sub(':\d+', '', x), y)
-for (x, y) in ruv_list
+for (x, y) in ruv_dict['ca']
 ])
 except Exception as e:
 sys.exit("Failed to obtain information from '{host}': {error}"
-- 
2.5.5

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code