[Fedora-directory-commits] adminserver/admserv/schema/ldif 15dspta.mod.tmpl.in, NONE, 1.1 15dspta.ldif.tmpl.in, 1.2, NONE
Nathan Kinder
nkinder at fedoraproject.org
Fri Feb 27 17:34:23 UTC 2009
- Previous message (by thread): [Fedora-directory-commits] ldapserver/ldap/servers/slapd control.c, 1.8, 1.9 proto-slap.h, 1.45, 1.46 unbind.c, 1.7, 1.8
- Next message (by thread): [Fedora-directory-commits] adminserver/admserv/newinst/src AdminUtil.pm.in, 1.21, 1.22 register-ds-admin.pl.in, 1.4, 1.5 setup-ds-admin.res.in, 1.11, 1.12
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: nkinder
Update of /cvs/dirsec/adminserver/admserv/schema/ldif
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv30030/admserv/schema/ldif
Added Files:
15dspta.mod.tmpl.in
Removed Files:
15dspta.ldif.tmpl.in
Log Message:
Resolves: bug 486402
Bug Description: Using setup-ds.pl and then registering the instance with
an admin server using register-ds-admin.pl does not add the proper ACI's
to allow admin to manage the instance.
Reviewed by: rmeggins (thanks!)
Files: see diff
Branch: HEAD
Fix Description: Add the appropriate aci's when running register-ds-admin.pl.
There were a few other issues to deal with in addition to the missing ACIs.
The PTA plug-in was not being configured since the LDIF template that was used
was an entire new PTA plug-in entry, which never gets added since it already
exists. I changed this to a LDIF mod template. We also only want to configure
PTA if it is not already configured, or if we are switching the config DS.
This will prevent overwriting any custom tweaks to the PTA plug-in, such as
using LDAPS to communicate with the config DS.
I found another issue during testing with the ldapStart parameter in adm.conf
getting set incorrectly after running register-ds-admin.pl. This parameter is
supposed to point to the start-slapd script of the config DS, but
register-ds-admin.pl was always changing this to the last instance that it
registered (which will never be the config DS if you have more than one
instance). We need to ensure that the slapd info in the inf is the config DS
before updating the Admin Server config files.
Platforms tested: F9
Flag Day: no
Doc impact: no
--- NEW FILE 15dspta.mod.tmpl.in ---
# BEGIN COPYRIGHT BLOCK
# Copyright (C) 2007 Red Hat, Inc.
# All rights reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# END COPYRIGHT BLOCK
dn: cn=Pass Through Authentication,cn=plugins,cn=config
changetype: mod
replace: nsslapd-pluginarg0
nsslapd-pluginarg0: %config_ds_url%
dn: cn=Pass Through Authentication,cn=plugins,cn=config
changetype: mod
replace: nsslapd-pluginEnabled
nsslapd-pluginEnabled: on
--- 15dspta.ldif.tmpl.in DELETED ---
- Previous message (by thread): [Fedora-directory-commits] ldapserver/ldap/servers/slapd control.c, 1.8, 1.9 proto-slap.h, 1.45, 1.46 unbind.c, 1.7, 1.8
- Next message (by thread): [Fedora-directory-commits] adminserver/admserv/newinst/src AdminUtil.pm.in, 1.21, 1.22 register-ds-admin.pl.in, 1.4, 1.5 setup-ds-admin.res.in, 1.11, 1.12
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Fedora-directory-commits
mailing list