[Freeipa-devel] [PATCHES 0197-0198] Fix uniqueness plugins upgrade
Martin Basti
mbasti at redhat.com
Wed Feb 25 16:28:50 UTC 2015
On 25/02/15 17:23, thierry bordaz wrote:
> On 02/25/2015 02:34 PM, Martin Basti wrote:
>> Modifications:
>> * All plugins are migrated into new configuration style.
>> * I left attribute uniqueness plugin disabled, cn=uid
>> uniqueness,cn=plugins,cn=config is checking the same attribute.
>> * POST_UPDATE plugin for uid removed, I moved it to update file. Is
>> it okay Alexander? I haven't found reason why we need to do it in
>> update plugin.
>>
>> Thierry, I touched configuration of plugins, which user lifecycle
>> requires, can you take look if I it does not break anything?
>>
>> Patches attached.
>>
> Hello Martin,
>
> The fix looks good. I have just one question regarding
> install/updates/10-uniqueness.update.
>
> For example :
> # uid uniqueness scopes Active/Delete containers
> dn: cn=attribute uniqueness,cn=plugins,cn=config
> -remove:nsslapd-pluginarg1:'$SUFFIX'
> -add:nsslapd-pluginarg1:'cn=accounts,$SUFFIX'
> -add:nsslapd-pluginarg2:'cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX'
> +remove:uniqueness-subtrees:'$SUFFIX'
> +add:uniqueness-subtrees:'cn=accounts,$SUFFIX'
> +add:uniqueness-subtrees:'cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX'
> remove:nsslapd-pluginenabled:off
> add:nsslapd-pluginenabled:on
> If we update the rpm from a version where 'nsslapd-pluginarg1' was used.
> It will not remove it and we will have 'nsslapd-pluginarg1' along with
> 'uniqueness-subtrees'.
> Should not we keep 'remove:nsslapd-pluginarg1:'$SUFFIX'' ?
>
> thanks
> thierry
Hello Thierry,
in patch 0197 is pre-upgrade plugin, which migrate all uniqueness
plugins into new syntax (this happens before the update file is
applied). So no nsslapd-pluginarg* attrs will be there.
and in patch 0198 I removed the cn=attribute uniquenes plugin, we
already have cn=uid uniqueness that do the same thing.
Martin^2
--
Martin Basti
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150225/c28a3567/attachment.htm>
More information about the Freeipa-devel
mailing list