[Freeipa-devel] [PATCH 0291, 0292] Limit max age of replication changelog

Martin Basti mbasti at redhat.com
Thu Jul 30 13:14:09 UTC 2015 

On 22/07/15 17:03, Martin Basti wrote:
> On 20/07/15 19:04, Mark Reynolds wrote:
>>
>>
>> On 07/20/2015 12:50 PM, Martin Basti wrote:
>>> On 20/07/15 17:48, Petr Vobornik wrote:
>>>> On 07/20/2015 05:24 PM, Rob Crittenden wrote:
>>>>> Martin Basti wrote:
>>>>>> https://fedorahosted.org/freeipa/ticket/5086
>>>>>>
>>>>>> Patch attached.
>>>>>
>>>>> Is this going to be a shock on upgrades for people who until now 
>>>>> may be
>>>>> relying on the fact that there is no limit?
>>>>
>>>> Not making any point, but have to note: Ludwig raised a question on 
>>>> users list but there was no feedback from users.
>>>>
>>>> https://www.redhat.com/archives/freeipa-users/2015-July/msg00022.html
>>>>
>>>>>
>>>>> Should there be a way for an admin to manage this, via the config 
>>>>> module
>>>>> perhaps?
>>>>>
>>>>> IMHO this is a significant change and red flags need to be raised so
>>>>> users are aware of it.
>>>>>
>>>>> rob
>>>>>
>>>>
>>>>
>>>
>>> IIUC there is purge delay 7 days, so if changelog max age is 7 or 
>>> more days, it will not break replication.
>>> The issue is if somebody uses changelog for different purpose, right?
>> Well the replication changelog can not be used for anything else but 
>> the multimaster replication plugin.  If a customer increased the 
>> replication purge delay you could potentially run into issues, but 
>> again this only comes into play when a replica is down for a very 
>> long time.  I'm not sure if IPA even provides the option to adjust 
>> the replication purge delay, but that doesn't mean a customer can not 
>> adjust these settings on their own.
>>
>> Mark
>>
>
> I'm attaching new patch, that modifies behavior of 'addifnew' keyword 
> in update files.
> addifnew will no create new entry if doesn't exist.
> This is required for proper working of patch 292
>
> Rob are you okay with these patches, as Mark wrote, changelog is used 
> only for replication plugins, so it should not cause any issues to users.
>
> Martin^2
>
>
>

These patches are ready to be reviewed.
I'm just not sure if would be better to have replication changelog max 
age 8days, just to be sure.
Should I explicitly set purge delay to 7days, or are we fine with 7days 
as default?

-- 
Martin Basti

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150730/a8defa8b/attachment.htm>

More information about the Freeipa-devel mailing list