[Freeipa-devel] [PATCH] 972 fix migration

Rob Crittenden rcritten at redhat.com
Wed Feb 29 15:31:39 UTC 2012 

Martin Kosek wrote:
> On Tue, 2012-02-28 at 17:36 -0500, Rob Crittenden wrote:
>> We were setting the GID of migrated users to that of the default user's
>> group (ipausers) when it should have been the same as the UID unless UPG
>> was disabled.
>>
>> This does the right thing and fixes migration which was broken when we
>> made ipausers a non-posix group.
>>
>> rob
>
> NACK
>
> This is a good start, but you missed a case when UPGs are disabled. We
> crash in that case:
>
> # ipa-managed-entries -e 'UPG Definition' disable
> Disabling Plugin
> # ipa migrate-ds --user-container=ou=People --group-container=ou=Groups
> ldap://vm-054.idm.lab.bos.redhat.com --bind-dn="cn=Directory Manager"
> Password:
> ipa: ERROR: an internal error has occurred
>
> /var/log/httpd/error_log:
> [Wed Feb 29 09:15:36 2012] [error] ipa: ERROR: non-public: KeyError: 'gidnumber'
> [Wed Feb 29 09:15:36 2012] [error] Traceback (most recent call last):
> [Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py",   line 314, in wsgi_execute
> [Wed Feb 29 09:15:36 2012] [error]     result = self.Command[name](*args, **options)
> [Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line  443, in __call__
> [Wed Feb 29 09:15:36 2012] [error]     ret = self.run(*args, **options)
> [Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line  721, in run
> [Wed Feb 29 09:15:36 2012] [error]     return self.execute(*args, **options)
> [Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipalib/plugins/migration.  py", line 667, in execute
> [Wed Feb 29 09:15:36 2012] [error]     ldap, config, ds_ldap, ds_base_dn, options
> [Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipalib/plugins/migration.  py", line 605, in migrate
> [Wed Feb 29 09:15:36 2012] [error]     **blacklists
> [Wed Feb 29 09:15:36 2012] [error]   File "/usr/lib/python2.7/site-packages/ipalib/plugins/migration.  py", line 125, in _pre_migrate_user
> [Wed Feb 29 09:15:36 2012] [error]     ctx['def_group_gid'] = g_attrs['gidnumber'][0]
> [Wed Feb 29 09:15:36 2012] [error] KeyError: 'gidnumber'
> [Wed Feb 29 09:15:36 2012] [error] ipa: INFO: admin at IDM.LAB.BOS.REDHAT.COM: migrate_ds(u'ldap://vm-054.idm.lab.bos.redhat.com', u'********', binddn=u'cn=Directory Manager', usercontainer=u'ou=People',      groupcontainer=u'ou=Groups', userobjectclass=(u'person',), groupobjectclass=(u'groupOfUniqueNames',    u'groupOfNames'), userignoreobjectclass=None, userignoreattribute=None, groupignoreobjectclass=None,   groupignoreattribute=None, groupoverwritegid=False, schema=u'RFC2307bis', continue=False,              exclude_groups=None, exclude_users=None): KeyError
>
>
> Martin
>

Updated. Will now report an error if the default group is not POSIX and 
UPG is disabled.

rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-972-2-migrate.patch
Type: text/x-diff
Size: 2025 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120229/a3d69928/attachment.bin>

More information about the Freeipa-devel mailing list