[Freeipa-devel] [PATCH] 152 Enable automember for upgraded servers
Nathan Kinder
nkinder at redhat.com
Fri Nov 4 21:50:17 UTC 2011
On 11/04/2011 02:35 PM, Nathan Kinder wrote:
> On 11/04/2011 02:26 PM, Martin Kosek wrote:
>> On Fri, 2011-11-04 at 14:04 -0700, Nathan Kinder wrote:
>>> On 11/04/2011 02:02 PM, Rob Crittenden wrote:
>>>> Martin Kosek wrote:
>>>>> automember functionality is depends on predefined data is in LDAP.
>>>>> Since we add it for fresh installs only, automember cannot be used
>>>>> for upgraded servers. Make sure that automember LDAP data is added
>>>>> during upgrade too.
>>>>>
>>>>> https://fedorahosted.org/freeipa/ticket/1992
>>>> I think you need that automember schema as well. Can you check with
>>>> the 389-ds team to see if their upgrade script automatically adds new
>>>> schema or if we have to handle that ourselves?
>>> The new automember schema should be added by 'setup-ds.pl -u', so I
>>> don't expect you need to do anything around schema in FreeIPA.
>> Nathan, when is the "setup-ds.pl -u" executed? When the dirsrv rpm is
>> updated, just like FreeIPA runs ipa-ldap-updater in rpm update %post? Or
>> does it have to be run manually?
> It is run in the the %posttrans stage for 389-ds-base.
>> I am asking because the schema problem seems like the root cause that
>> one user has here (the last post):
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=746589
> There should be a
> '/etc/dirsrv/slapd-<instance>/schema/10automember-plugin.ldif' file if
> the proper version
> of 389-ds-base is being used and if 'setup-ds.pl -u' successfully
> updated the schema. There should also be
> a '/etc/dirsrv/schema/10automember-plugin.ldif' file present
> regardless of 'setup-ds.pl -u' having run
> successfully.
I just tested running 'setup-ds.pl -u' manually with a master build of
389-ds-base, and there is a bug that is preventing the updates from
being applied. I logged the following bug for this:
https://bugzilla.redhat.com/show_bug.cgi?id=751495
The fix is a one-liner, and I believe Rich is working on getting a fixed
build out ASAP.
>
> -NGK
>> Thanks,
>> Martin
>>
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
More information about the Freeipa-devel
mailing list