[Freeipa-devel] [PATCH 0214] Support schema files for external plugins
Martin Basti
mbasti at redhat.com
Fri Aug 19 13:36:31 UTC 2016
On 19.08.2016 15:26, Alexander Bokovoy wrote:
> On Fri, 19 Aug 2016, Martin Basti wrote:
>>
>>
>> On 19.08.2016 11:43, Alexander Bokovoy wrote:
>>> On Mon, 08 Aug 2016, Alexander Bokovoy wrote:
>>>> On Mon, 08 Aug 2016, Petr Vobornik wrote:
>>>>> On 08/08/2016 12:26 PM, Alexander Bokovoy wrote:
>>>>>> On Mon, 08 Aug 2016, Alexander Bokovoy wrote:
>>>>>>> Hi!
>>>>>>>
>>>>>>> Attached patch is what is needed to allow external plugins for
>>>>>>> FreeIPA
>>>>>>> framework to be functional if they need to extend a schema.
>>>>>>>
>>>>>>> The idea is that we would have a separate directory as
>>>>>>> /usr/share/ipa/schema.d and will allow to use schema (*.ldif)
>>>>>>> files from
>>>>>>> it and its subdirectories during install and upgrade stages.
>>>>>>>
>>>>>>> Without the patch only selected schema files from /usr/share/ipa
>>>>>>> are
>>>>>>> used during install and upgrade. This leads to a failure to
>>>>>>> install IPA
>>>>>>> server (or upgrade it) if a new plugin is added. If plugin defines
>>>>>>> managed permissions, upgrade tool will generate ACIs which will
>>>>>>> fail to
>>>>>>> be inserted into LDAP store due to references to missing
>>>>>>> attributes and
>>>>>>> object classes.
>>>>>>>
>>>>>>> The patch adds a directory to be installed and a helper utility
>>>>>>> that
>>>>>>> loads files from the directory and adds them to the list of
>>>>>>> schema files
>>>>>>> used during update of dsinstance and upgrade of the server.
>>>>>>>
>>>>>>> With this patch I'm successfully managed to make FleetCommander
>>>>>>> integration plugin completely independent of FreeIPA.
>>>>>> Patch attached now. ;)
>>>>>>
>>>>>
>>>>> I'll assume that we want to target 4.4.x therefore it can be
>>>>> pushed to
>>>>> master, right? I.e. no need for creating ipa-4-4 branch atm.
>>>> Right.
>>>>
>>>>> Reasoning is that currently F24 has 4.3.x. F25 will most likely have
>>>>> 4.4.x because 4.5 is still in planning.
>>>> Sounds good to me. FleetCommander (which is one of drivers behind the
>>>> patches) is targeting F25 as well.
>>> Can we get the patch reviewed?
>>
>> ACK
>>
>> However ticket is in future releases, so we have to branch master and
>> ipa 4.4 before push
> Why? We agreed above to get the patch into 4.4. Moving ticket to 4.4.1
> milestone is certainly possible and does not require branching.
OK, you agreed but nobody changed milestone of ticket
Pushed to master: 7bec8a246d6712f749ec331f5bf066e3357c4ce7
Martin^2
More information about the Freeipa-devel
mailing list