[Freeipa-devel] [PATCH] 972 fix migration

Martin Kosek mkosek at redhat.com
Wed Feb 29 14:18:25 UTC 2012 

On Tue, 2012-02-28 at 17:36 -0500, Rob Crittenden wrote:
> We were setting the GID of migrated users to that of the default user's 
> group (ipausers) when it should have been the same as the UID unless UPG 
> was disabled.
> 
> This does the right thing and fixes migration which was broken when we 
> made ipausers a non-posix group.
> 
> rob

NACK

This is a good start, but you missed a case when UPGs are disabled. We
crash in that case:

# ipa-managed-entries -e 'UPG Definition' disable
Disabling Plugin
# ipa migrate-ds --user-container=ou=People --group-container=ou=Groups
ldap://vm-054.idm.lab.bos.redhat.com --bind-dn="cn=Directory Manager"
Password: 
ipa: ERROR: an internal error has occurred

/var/log/httpd/error_log:
[Wed Feb 29 09:15:36 2012] [error] ipa: ERROR: non-public: KeyError: 'gidnumber'
[Wed Feb 29 09:15:36 2012] [error] Traceback (most recent call last):
[Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py",   line 314, in wsgi_execute
[Wed Feb 29 09:15:36 2012] [error]     result = self.Command[name](*args, **options)
[Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line  443, in __call__
[Wed Feb 29 09:15:36 2012] [error]     ret = self.run(*args, **options)
[Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line  721, in run
[Wed Feb 29 09:15:36 2012] [error]     return self.execute(*args, **options)
[Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipalib/plugins/migration.  py", line 667, in execute
[Wed Feb 29 09:15:36 2012] [error]     ldap, config, ds_ldap, ds_base_dn, options
[Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipalib/plugins/migration.  py", line 605, in migrate
[Wed Feb 29 09:15:36 2012] [error]     **blacklists
[Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipalib/plugins/migration.  py", line 125, in _pre_migrate_user
[Wed Feb 29 09:15:36 2012] [error]     ctx['def_group_gid'] = g_attrs['gidnumber'][0]
[Wed Feb 29 09:15:36 2012] [error] KeyError: 'gidnumber'
[Wed Feb 29 09:15:36 2012] [error] ipa: INFO: admin at IDM.LAB.BOS.REDHAT.COM: migrate_ds(u'ldap://vm-054.idm.lab.bos.redhat.com', u'********', binddn=u'cn=Directory Manager', usercontainer=u'ou=People',      groupcontainer=u'ou=Groups', userobjectclass=(u'person',), groupobjectclass=(u'groupOfUniqueNames',    u'groupOfNames'), userignoreobjectclass=None, userignoreattribute=None, groupignoreobjectclass=None,   groupignoreattribute=None, groupoverwritegid=False, schema=u'RFC2307bis', continue=False,              exclude_groups=None, exclude_users=None): KeyError


Martin

More information about the Freeipa-devel mailing list