From 3c3d0639273776079714b0dff38370fd7971d034 Mon Sep 17 00:00:00 2001 From: Jr Aquino Date: Tue, 28 Feb 2012 23:05:16 -0800 Subject: [PATCH] 42 Add CleanRUV Task to ipa-replica-manage del ipa-replica-manage del causes tombstone entries to remain in 389 DS. This has proven to be problematic. We can automatically perform the cleanup task at the deletion time to minimize orphans and ghosts in the directory. This patch runs the cleanruv action on all masters following a delete. https://fedorahosted.org/freeipa/ticket/2303 --- install/tools/ipa-replica-manage | 51 ++++++++++++++++++++++++++++++++++--- 1 files changed, 46 insertions(+), 5 deletions(-) diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage index da327e5..b6843c5 100755 --- a/install/tools/ipa-replica-manage +++ b/install/tools/ipa-replica-manage @@ -267,6 +267,24 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False): print "Deleted replication agreement from '%s' to '%s'" % (replica1, replica2) +def clean_ruv(realm, replica1, replica2, dirman_passwd, delrepl_id, force=False): + + if delrepl_id == None: + raise RuntimeError("Failed to clean RUV entry for: '%s' from %s" % (replica2, replica1)) + try: + repl1 = replication.ReplicationManager(realm, replica1, dirman_passwd) + + replica_dn = repl1.replica_dn() + + attr = 'CLEANRUV%s' % delrepl_id + mod = [(ldap.MOD_REPLACE, 'nsds5task', attr)] + repl1.conn.modify_s(replica_dn, mod) + + except Exception, e: + raise e + + print "Cleaned RUV entry for '%s' on '%s'" % (replica2, replica1) + def del_master(realm, hostname, options): force_del = False @@ -297,12 +315,15 @@ def del_master(realm, hostname, options): print "Unable to connect to replica %s, forcing removal" % hostname force_del = True + # Get list of Masters + dn = 'cn=masters,cn=ipa,cn=etc,%s' % thisrepl.suffix + res = thisrepl.conn.search_s(dn, ldap.SCOPE_ONELEVEL) + master_names = [] + for entry in res: + master_names.append(entry.cn) + if force_del: - dn = 'cn=masters,cn=ipa,cn=etc,%s' % thisrepl.suffix - res = thisrepl.conn.search_s(dn, ldap.SCOPE_ONELEVEL) - replica_names = [] - for entry in res: - replica_names.append(entry.cn) + replica_names = master_names else: # Get list of agreements. replica_names = delrepl.find_ipa_replication_agreements() @@ -310,6 +331,17 @@ def del_master(realm, hostname, options): # WINSYNC replica, delete agreement from current host replica_names = [options.host] + # Get replica-id before delete + try: + delrepl_dn = delrepl.replica_dn() + delrepl_entry = delrepl.conn.search_s(delrepl_dn, ldap.SCOPE_BASE, "objectclass=*")[0] + if delrepl_entry.getValue('nsDS5ReplicaId'): + delrepl_id = (delrepl_entry.getValue('nsDS5ReplicaId')) + except ldap.NO_SUCH_OBJECT: + delrepl_id = None + except NameError: + delrepl_id = None + # 4. Remove each agreement for r in replica_names: try: @@ -317,6 +349,15 @@ def del_master(realm, hostname, options): except Exception, e: print "There were issues removing a connection: %s" % str(e) + # CleanRUV + master_names.remove(hostname) + for m in master_names: + try: + clean_ruv(realm, m, hostname, options.dirman_passwd, delrepl_id, force=True) + except Exception, e: + print str(e) + print "Please refer to http://directory.fedoraproject.org/wiki/Howto:CLEANRUV for manual cleanup." + # 5. Finally clean up the removed replica common entries. try: thisrepl.replica_cleanup(hostname, realm, force=True) -- 1.7.6.5