[Freeipa-devel] [PATCH] 152 Enable automember for upgraded servers
Martin Kosek
mkosek at redhat.com
Tue Nov 29 08:04:20 UTC 2011
On Mon, 2011-11-28 at 18:16 -0500, Rob Crittenden wrote:
> Nathan Kinder wrote:
> > On 11/04/2011 02:35 PM, Nathan Kinder wrote:
> >> On 11/04/2011 02:26 PM, Martin Kosek wrote:
> >>> On Fri, 2011-11-04 at 14:04 -0700, Nathan Kinder wrote:
> >>>> On 11/04/2011 02:02 PM, Rob Crittenden wrote:
> >>>>> Martin Kosek wrote:
> >>>>>> automember functionality is depends on predefined data is in LDAP.
> >>>>>> Since we add it for fresh installs only, automember cannot be used
> >>>>>> for upgraded servers. Make sure that automember LDAP data is added
> >>>>>> during upgrade too.
> >>>>>>
> >>>>>> https://fedorahosted.org/freeipa/ticket/1992
> >>>>> I think you need that automember schema as well. Can you check with
> >>>>> the 389-ds team to see if their upgrade script automatically adds new
> >>>>> schema or if we have to handle that ourselves?
> >>>> The new automember schema should be added by 'setup-ds.pl -u', so I
> >>>> don't expect you need to do anything around schema in FreeIPA.
> >>> Nathan, when is the "setup-ds.pl -u" executed? When the dirsrv rpm is
> >>> updated, just like FreeIPA runs ipa-ldap-updater in rpm update %post? Or
> >>> does it have to be run manually?
> >> It is run in the the %posttrans stage for 389-ds-base.
> >>> I am asking because the schema problem seems like the root cause that
> >>> one user has here (the last post):
> >>>
> >>> https://bugzilla.redhat.com/show_bug.cgi?id=746589
> >> There should be a
> >> '/etc/dirsrv/slapd-<instance>/schema/10automember-plugin.ldif' file if
> >> the proper version
> >> of 389-ds-base is being used and if 'setup-ds.pl -u' successfully
> >> updated the schema. There should also be
> >> a '/etc/dirsrv/schema/10automember-plugin.ldif' file present
> >> regardless of 'setup-ds.pl -u' having run
> >> successfully.
> > I just tested running 'setup-ds.pl -u' manually with a master build of
> > 389-ds-base, and there is a bug that is preventing the updates from
> > being applied. I logged the following bug for this:
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=751495
> >
> > The fix is a one-liner, and I believe Rich is working on getting a fixed
> > build out ASAP.
>
> ACK, works for me.
>
> rob
Pushed to master, ipa-2-1.
Martin
More information about the Freeipa-devel
mailing list