[Freeipa-devel] [PATCH] 795 Remove root autobind search restriction, fix upgrade logging & error handling.
Martin Kosek
mkosek at redhat.com
Mon Jun 13 07:53:52 UTC 2011
On Fri, 2011-06-10 at 15:41 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Thu, 2011-06-09 at 16:32 -0400, Rob Crittenden wrote:
> >> Rob Crittenden wrote:
> >>> There was no point in limiting autobind root to just search cn=config
> >>> since it could always just modify its way out of the box, so remove the
> >>> restriction.
> >>>
> >>> The upgrade log wasn't being created. Clearing all other loggers before
> >>> we calling logging.basicConfig() fixes this.
> >>>
> >>> Add a global exception when performing updates so we can gracefully
> >>> catch and log problems without leaving the server in a bad state.
> >>>
> >>> https://fedorahosted.org/freeipa/ticket/1243
> >>> https://fedorahosted.org/freeipa/ticket/1254
> >>>
> >>> rob
> >>
> >> This was leaving a bogus entry in systrestore.index and an empty value
> >> in dse.ldif. I updated the patch.
> >>
> >> rob
> >
> > Autobind portion works fine. However, upgrade failure processing can be
> > improved:
> >
> > 1) When Exception is catched in IPAUpgrade, it is neither logged nor
> > printed out. This can make it difficult to debug.
>
> Yup, logging it now.
>
> >
> > 2) User running `ipa-ldap-updater --upgrade` cannot tell if the upgrade
> > was wrong. Success status code is returned by the program and no info
> > that something has failed is given.
>
> Gah, I had a return 1 there at some point...Added back.
>
> rob
ACK. Pushed to master, ipa-2-0.
Martin
More information about the Freeipa-devel
mailing list