[Freeipa-devel] [PATCH 0291, 0292] Limit max age of replication changelog

Martin Basti mbasti at redhat.com
Wed Jul 22 15:03:42 UTC 2015 

On 20/07/15 19:04, Mark Reynolds wrote:
>
>
> On 07/20/2015 12:50 PM, Martin Basti wrote:
>> On 20/07/15 17:48, Petr Vobornik wrote:
>>> On 07/20/2015 05:24 PM, Rob Crittenden wrote:
>>>> Martin Basti wrote:
>>>>> https://fedorahosted.org/freeipa/ticket/5086
>>>>>
>>>>> Patch attached.
>>>>
>>>> Is this going to be a shock on upgrades for people who until now 
>>>> may be
>>>> relying on the fact that there is no limit?
>>>
>>> Not making any point, but have to note: Ludwig raised a question on 
>>> users list but there was no feedback from users.
>>>
>>> https://www.redhat.com/archives/freeipa-users/2015-July/msg00022.html
>>>
>>>>
>>>> Should there be a way for an admin to manage this, via the config 
>>>> module
>>>> perhaps?
>>>>
>>>> IMHO this is a significant change and red flags need to be raised so
>>>> users are aware of it.
>>>>
>>>> rob
>>>>
>>>
>>>
>>
>> IIUC there is purge delay 7 days, so if changelog max age is 7 or 
>> more days, it will not break replication.
>> The issue is if somebody uses changelog for different purpose, right?
> Well the replication changelog can not be used for anything else but 
> the multimaster replication plugin.  If a customer increased the 
> replication purge delay you could potentially run into issues, but 
> again this only comes into play when a replica is down for a very long 
> time.  I'm not sure if IPA even provides the option to adjust the 
> replication purge delay, but that doesn't mean a customer can not 
> adjust these settings on their own.
>
> Mark
>

I'm attaching new patch, that modifies behavior of 'addifnew' keyword in 
update files.
addifnew will no create new entry if doesn't exist.
This is required for proper working of patch 292

Rob are you okay with these patches, as Mark wrote, changelog is used 
only for replication plugins, so it should not cause any issues to users.

Martin^2

-- 
Martin Basti

-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0291-Limit-max-age-of-replication-changelog.patch
Type: text/x-patch
Size: 1586 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150722/e6db6d98/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0292-Server-Upgrade-addifnew-should-not-create-entry.patch
Type: text/x-patch
Size: 1375 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150722/e6db6d98/attachment-0001.bin>

More information about the Freeipa-devel mailing list