[Freeipa-devel] [PATCH] 0020..0022 pki-related upgrade fixes
Martin Kosek
mkosek at redhat.com
Fri Jun 19 07:45:43 UTC 2015
On 06/19/2015 09:44 AM, Fraser Tweedale wrote:
> On Fri, Jun 19, 2015 at 09:38:01AM +0200, Martin Kosek wrote:
>> On 06/19/2015 09:28 AM, Fraser Tweedale wrote:
>>> The attached patches fix upgrade issues when pki is also updated
>>> from pre 10.2.4.
>>>
>>> pki dependency is bumped to 10.2.5 - the official builds should be
>>> done Friday (US time) but it is available from my copr[1]. If
>>> someone wants to add to official freeipa COPR in meantime the SRPM
>>> is here[2].
>>>
>>> [1] https://copr.fedoraproject.org/coprs/ftweedal/freeipa/
>>> [2] https://ftweedal.fedorapeople.org/pki-core-10.2.5-0.2.fc21.src.rpm
>>>
>>> Thanks,
>>> Fraser
>>>
>>
>> This may work, it would be of course cleaner to do this via context manager, in
>> lines with:
>>
>> @contextmanager
>> def ldap_connect_autobind():
>> if not api.Backend.ldap2.isconnected():
>> api.Backend.ldap2.connect(autobind=True)
>> try:
>> yield
>> finally:
>> if api.Backend.ldap2.isconnected():
>> api.Backend.ldap2.disconnect()
>>
>> ...
>>
>> try:
>> with ldap_connect_autobind():
>> # do API stuff
>> except PublicError, e:
>> ...
>>
>>
>> as that would also unbind it if exception is raised for example.
>
> Unless you or others feel strongly about this, let us do it as a
> cleanup later, as there are several places in upgrade.py that do
> this sort of thing.
>
> Alternatively (or in addition) we need to make ldap2 be able to
> attempt to reconnect on failure, as Simo (I think it was Simo)
> suggested recently in another thread.
>
> Cheers,
> Fraser
Sure. Whatever is more systematic approach to this solution. We need to have as
less hacks in the code as possible.
More information about the Freeipa-devel
mailing list