[Freeipa-devel] [PATCH 0214] Support schema files for external plugins
Alexander Bokovoy
abokovoy at redhat.com
Fri Aug 19 13:26:46 UTC 2016
On Fri, 19 Aug 2016, Martin Basti wrote:
>
>
>On 19.08.2016 11:43, Alexander Bokovoy wrote:
>>On Mon, 08 Aug 2016, Alexander Bokovoy wrote:
>>>On Mon, 08 Aug 2016, Petr Vobornik wrote:
>>>>On 08/08/2016 12:26 PM, Alexander Bokovoy wrote:
>>>>>On Mon, 08 Aug 2016, Alexander Bokovoy wrote:
>>>>>>Hi!
>>>>>>
>>>>>>Attached patch is what is needed to allow external plugins
>>>>>>for FreeIPA
>>>>>>framework to be functional if they need to extend a schema.
>>>>>>
>>>>>>The idea is that we would have a separate directory as
>>>>>>/usr/share/ipa/schema.d and will allow to use schema
>>>>>>(*.ldif) files from
>>>>>>it and its subdirectories during install and upgrade stages.
>>>>>>
>>>>>>Without the patch only selected schema files from /usr/share/ipa are
>>>>>>used during install and upgrade. This leads to a failure to
>>>>>>install IPA
>>>>>>server (or upgrade it) if a new plugin is added. If plugin defines
>>>>>>managed permissions, upgrade tool will generate ACIs which
>>>>>>will fail to
>>>>>>be inserted into LDAP store due to references to missing
>>>>>>attributes and
>>>>>>object classes.
>>>>>>
>>>>>>The patch adds a directory to be installed and a helper utility that
>>>>>>loads files from the directory and adds them to the list of
>>>>>>schema files
>>>>>>used during update of dsinstance and upgrade of the server.
>>>>>>
>>>>>>With this patch I'm successfully managed to make FleetCommander
>>>>>>integration plugin completely independent of FreeIPA.
>>>>>Patch attached now. ;)
>>>>>
>>>>
>>>>I'll assume that we want to target 4.4.x therefore it can be pushed to
>>>>master, right? I.e. no need for creating ipa-4-4 branch atm.
>>>Right.
>>>
>>>>Reasoning is that currently F24 has 4.3.x. F25 will most likely have
>>>>4.4.x because 4.5 is still in planning.
>>>Sounds good to me. FleetCommander (which is one of drivers behind the
>>>patches) is targeting F25 as well.
>>Can we get the patch reviewed?
>
>ACK
>
>However ticket is in future releases, so we have to branch master and
>ipa 4.4 before push
Why? We agreed above to get the patch into 4.4. Moving ticket to 4.4.1
milestone is certainly possible and does not require branching.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list