[Freeipa-devel] [PATCH 0291, 0292] Limit max age of replication changelog

Ludwig Krispenz lkrispen at redhat.com
Thu Jul 30 13:43:33 UTC 2015 

On 07/30/2015 03:14 PM, Martin Basti wrote:
> On 22/07/15 17:03, Martin Basti wrote:
>> On 20/07/15 19:04, Mark Reynolds wrote:
>>>
>>>
>>> On 07/20/2015 12:50 PM, Martin Basti wrote:
>>>> On 20/07/15 17:48, Petr Vobornik wrote:
>>>>> On 07/20/2015 05:24 PM, Rob Crittenden wrote:
>>>>>> Martin Basti wrote:
>>>>>>> https://fedorahosted.org/freeipa/ticket/5086
>>>>>>>
>>>>>>> Patch attached.
>>>>>>
>>>>>> Is this going to be a shock on upgrades for people who until now 
>>>>>> may be
>>>>>> relying on the fact that there is no limit?
>>>>>
>>>>> Not making any point, but have to note: Ludwig raised a question 
>>>>> on users list but there was no feedback from users.
>>>>>
>>>>> https://www.redhat.com/archives/freeipa-users/2015-July/msg00022.html
>>>>>
>>>>>>
>>>>>> Should there be a way for an admin to manage this, via the config 
>>>>>> module
>>>>>> perhaps?
>>>>>>
>>>>>> IMHO this is a significant change and red flags need to be raised so
>>>>>> users are aware of it.
>>>>>>
>>>>>> rob
>>>>>>
>>>>>
>>>>>
>>>>
>>>> IIUC there is purge delay 7 days, so if changelog max age is 7 or 
>>>> more days, it will not break replication.
>>>> The issue is if somebody uses changelog for different purpose, right?
>>> Well the replication changelog can not be used for anything else but 
>>> the multimaster replication plugin.  If a customer increased the 
>>> replication purge delay you could potentially run into issues, but 
>>> again this only comes into play when a replica is down for a very 
>>> long time.  I'm not sure if IPA even provides the option to adjust 
>>> the replication purge delay, but that doesn't mean a customer can 
>>> not adjust these settings on their own.
>>>
>>> Mark
>>>
>>
>> I'm attaching new patch, that modifies behavior of 'addifnew' keyword 
>> in update files.
>> addifnew will no create new entry if doesn't exist.
>> This is required for proper working of patch 292
>>
>> Rob are you okay with these patches, as Mark wrote, changelog is used 
>> only for replication plugins, so it should not cause any issues to 
>> users.
>>
>> Martin^2
>>
>>
>>
>
> These patches are ready to be reviewed.
> I'm just not sure if would be better to have replication changelog max 
> age 8days, just to be sure.
> Should I explicitly set purge delay to 7days, or are we fine with 
> 7days as default?
I think 7d is a quite common setting, so it should be ok
> -- 
> Martin Basti
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150730/f605bcf4/attachment.htm>

More information about the Freeipa-devel mailing list