diff options
author | Rob Crittenden <rcritten@redhat.com> | 2012-10-10 22:41:02 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2012-10-10 20:24:10 -0400 |
commit | ea4f60b15a2743eb61f27ccd33d7bed17552eade (patch) | |
tree | 0328edc627d3ac06ca41464c7a0cae0a0ee4518c | |
parent | a51b65d9d40fa09bf33d7dff875e5cba6d51d2d2 (diff) | |
download | freeipa-ea4f60b15a2743eb61f27ccd33d7bed17552eade.tar.gz freeipa-ea4f60b15a2743eb61f27ccd33d7bed17552eade.tar.xz freeipa-ea4f60b15a2743eb61f27ccd33d7bed17552eade.zip |
Explicitly disable betxn plugins for the time being.
This should work with 389-ds-base 1.2.x and 1.3.0.
Without other plugin changes 389-ds-base can deadlock.
https://fedorahosted.org/freeipa/ticket/3046
-rw-r--r-- | install/share/Makefile.am | 1 | ||||
-rw-r--r-- | install/share/disable-betxn.ldif | 61 | ||||
-rw-r--r-- | install/updates/10-disable-betxn.update | 37 | ||||
-rw-r--r-- | install/updates/Makefile.am | 1 | ||||
-rw-r--r-- | ipaserver/install/dsinstance.py | 4 |
5 files changed, 104 insertions, 0 deletions
diff --git a/install/share/Makefile.am b/install/share/Makefile.am index 23cd766a5..7f953bc42 100644 --- a/install/share/Makefile.am +++ b/install/share/Makefile.am @@ -18,6 +18,7 @@ app_DATA = \ default-hbac.ldif \ default-smb-group.ldif \ delegation.ldif \ + disable-betxn.ldif \ replica-acis.ldif \ ds-nfiles.ldif \ dns.ldif \ diff --git a/install/share/disable-betxn.ldif b/install/share/disable-betxn.ldif new file mode 100644 index 000000000..57a6858dd --- /dev/null +++ b/install/share/disable-betxn.ldif @@ -0,0 +1,61 @@ +# Disable transactions in 389-ds-base + +dn: cn=7-bit check,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginType +nsslapd-pluginType: preoperation + +dn: cn=attribute uniqueness,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginType +nsslapd-pluginType: preoperation + +dn: cn=Auto Membership Plugin,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginType +nsslapd-pluginType: preoperation + +dn: cn=Linked Attributes,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginType +nsslapd-pluginType: preoperation + +dn: cn=Managed Entries,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginType +nsslapd-pluginType: preoperation + +dn: cn=MemberOf Plugin,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginType +nsslapd-pluginType: postoperation + +dn: cn=Multimaster Replication Plugin,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginbetxn +nsslapd-pluginbetxn: off + +dn: cn=PAM Pass Through Auth,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginType +nsslapd-pluginType: preoperation + +dn: cn=referential integrity postoperation,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginType +nsslapd-pluginType: postoperation + +dn: cn=Roles Plugin,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginbetxn +nsslapd-pluginbetxn: off + +dn: cn=State Change Plugin,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginType +nsslapd-pluginType: postoperation + +dn: cn=USN,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginbetxn +nsslapd-pluginbetxn: off diff --git a/install/updates/10-disable-betxn.update b/install/updates/10-disable-betxn.update new file mode 100644 index 000000000..8fca4a5e8 --- /dev/null +++ b/install/updates/10-disable-betxn.update @@ -0,0 +1,37 @@ +# Disable transactions in 389-ds-base + +dn: cn=7-bit check,cn=plugins,cn=config +only: nsslapd-pluginType: preoperation + +dn: cn=attribute uniqueness,cn=plugins,cn=config +only: nsslapd-pluginType: preoperation + +dn: cn=Auto Membership Plugin,cn=plugins,cn=config +only: nsslapd-pluginType: preoperation + +dn: cn=Linked Attributes,cn=plugins,cn=config +only: nsslapd-pluginType: preoperation + +dn: cn=Managed Entries,cn=plugins,cn=config +only: nsslapd-pluginType: preoperation + +dn: cn=MemberOf Plugin,cn=plugins,cn=config +only: nsslapd-pluginType: postoperation + +dn: cn=Multimaster Replication Plugin,cn=plugins,cn=config +only: nsslapd-pluginbetxn: off + +dn: cn=PAM Pass Through Auth,cn=plugins,cn=config +only: nsslapd-pluginType: preoperation + +dn: cn=referential integrity postoperation,cn=plugins,cn=config +only: nsslapd-pluginType: postoperation + +dn: cn=Roles Plugin,cn=plugins,cn=config +only: nsslapd-pluginbetxn: off + +dn: cn=State Change Plugin,cn=plugins,cn=config +only: nsslapd-pluginType: postoperation + +dn: cn=USN,cn=plugins,cn=config +only: nsslapd-pluginbetxn: off diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am index 8f60bc181..a675af8b4 100644 --- a/install/updates/Makefile.am +++ b/install/updates/Makefile.am @@ -7,6 +7,7 @@ app_DATA = \ 10-RFC2307bis.update \ 10-RFC4876.update \ 10-config.update \ + 10-disable-betxn.update \ 10-selinuxusermap.update \ 10-sudo.update \ 10-ssh.update \ diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 2c9832d02..b60335785 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -197,6 +197,7 @@ class DsInstance(service.Service): self.step("configuring replication version plugin", self.__config_version_module) self.step("enabling IPA enrollment plugin", self.__add_enrollment_module) self.step("enabling ldapi", self.__enable_ldapi) + self.step("disabling betxn plugins", self.__disable_betxn) self.step("configuring uniqueness plugin", self.__set_unique_attrs) self.step("configuring uuid plugin", self.__config_uuid_module) self.step("configuring modrdn plugin", self.__config_modrdn_module) @@ -470,6 +471,9 @@ class DsInstance(service.Service): def __add_referint_module(self): self._ldap_mod("referint-conf.ldif") + def __disable_betxn(self): + self._ldap_mod("disable-betxn.ldif", self.sub_dict) + def __set_unique_attrs(self): self._ldap_mod("unique-attributes.ldif", self.sub_dict) |