diff options
author | Jr Aquino <jr.aquino@citrix.com> | 2011-09-08 12:07:26 -0700 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-09-12 16:28:27 -0400 |
commit | 8b3336ef55fa569e4f08307bf939a9698ce70645 (patch) | |
tree | 9463b195502b37434fca56d5c3091a9391bade84 /install | |
parent | a40d4d4d643cb3a4846f21857e611a76f5037ce8 (diff) | |
download | freeipa-8b3336ef55fa569e4f08307bf939a9698ce70645.tar.gz freeipa-8b3336ef55fa569e4f08307bf939a9698ce70645.tar.xz freeipa-8b3336ef55fa569e4f08307bf939a9698ce70645.zip |
Move Managed Entries into their own container in the replicated space.
Repoint cn=Managed Entries,cn=plugins,cn=config in common_setup
Create: cn=Managed Entries,cn=etc,$SUFFIX
Create: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
Create: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
Create method for dynamically migrating any and all custom Managed Entries
from the cn=config space into the new container.
Separate the connection creation during update so that a restart can
be performed to initialize changes before performing a delete.
Add wait_for_open_socket() method in installutils
https://fedorahosted.org/freeipa/ticket/1708
Diffstat (limited to 'install')
-rw-r--r-- | install/share/Makefile.am | 2 | ||||
-rw-r--r-- | install/share/host_nis_groups.ldif | 6 | ||||
-rw-r--r-- | install/share/managed-entries.ldif | 17 | ||||
-rw-r--r-- | install/share/repoint-managed-entries.ldif | 5 | ||||
-rw-r--r-- | install/share/user_private_groups.ldif | 6 | ||||
-rw-r--r-- | install/updates/19-managed-entries.update | 17 | ||||
-rw-r--r-- | install/updates/20-host_nis_groups.update | 22 | ||||
-rw-r--r-- | install/updates/20-user_private_groups.update | 19 | ||||
-rw-r--r-- | install/updates/50-suppress-upg.update | 2 | ||||
-rw-r--r-- | install/updates/Makefile.am | 2 |
10 files changed, 79 insertions, 19 deletions
diff --git a/install/share/Makefile.am b/install/share/Makefile.am index f2a6a6cae..991f3b478 100644 --- a/install/share/Makefile.am +++ b/install/share/Makefile.am @@ -42,6 +42,8 @@ app_DATA = \ schema_compat.uldif \ ldapi.ldif \ wsgi.py \ + repoint-managed-entries.ldif \ + managed-entries.ldif \ user_private_groups.ldif \ host_nis_groups.ldif \ uuid-ipauniqueid.ldif \ diff --git a/install/share/host_nis_groups.ldif b/install/share/host_nis_groups.ldif index bb28c597d..096a881f5 100644 --- a/install/share/host_nis_groups.ldif +++ b/install/share/host_nis_groups.ldif @@ -1,4 +1,4 @@ -dn: cn=NGP HGP Template,cn=etc,$SUFFIX +dn: cn=NGP HGP Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX changetype: add objectclass: mepTemplateEntry cn: NGP HGP Template @@ -13,11 +13,11 @@ mepMappedAttr: description: ipaNetgroup $$cn # Changes to this definition need to be reflected in # updates/20-host_nis_groups.update -dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config +dn: cn=NGP Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX changetype: add objectclass: extensibleObject cn: NGP Definition originScope: cn=hostgroups,cn=accounts,$SUFFIX originFilter: objectclass=ipahostgroup managedBase: cn=ng,cn=alt,$SUFFIX -managedTemplate: cn=NGP HGP Template,cn=etc,$SUFFIX +managedTemplate: cn=NGP HGP Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX diff --git a/install/share/managed-entries.ldif b/install/share/managed-entries.ldif new file mode 100644 index 000000000..ce65eae59 --- /dev/null +++ b/install/share/managed-entries.ldif @@ -0,0 +1,17 @@ +dn: cn=Managed Entries,cn=etc,$SUFFIX +changetype: add +objectClass: nsContainer +objectClass: top +cn: Managed Entries + +dn: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX +changetype: add +objectClass: nsContainer +objectClass: top +cn: Templates + +dn: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX +changetype: add +objectClass: nsContainer +objectClass: top +cn: Definitions diff --git a/install/share/repoint-managed-entries.ldif b/install/share/repoint-managed-entries.ldif new file mode 100644 index 000000000..89666621f --- /dev/null +++ b/install/share/repoint-managed-entries.ldif @@ -0,0 +1,5 @@ +# Repoint Managed Entries to the replicated cn=etc space +dn: cn=Managed Entries,cn=plugins,cn=config +changetype: modify +add: nsslapd-pluginConfigArea +nsslapd-pluginConfigArea: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX diff --git a/install/share/user_private_groups.ldif b/install/share/user_private_groups.ldif index 9aed09ba1..0d5656d4f 100644 --- a/install/share/user_private_groups.ldif +++ b/install/share/user_private_groups.ldif @@ -1,4 +1,4 @@ -dn: cn=UPG Template,cn=etc,$SUFFIX +dn: cn=UPG Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX changetype: add objectclass: mepTemplateEntry cn: UPG Template @@ -12,12 +12,12 @@ mepMappedAttr: description: User private group for $$uid # Changes to this definition need to be reflected in # updates/20-user_private_groups.update -dn: cn=UPG Definition,cn=Managed Entries,cn=plugins,cn=config +dn: cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX changetype: add objectclass: extensibleObject cn: UPG Definition originScope: cn=users,cn=accounts,$SUFFIX originFilter: (&(objectclass=posixAccount)(!(description=__no_upg__))) managedBase: cn=groups,cn=accounts,$SUFFIX -managedTemplate: cn=UPG Template,cn=etc,$SUFFIX +managedTemplate: cn=UPG Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX diff --git a/install/updates/19-managed-entries.update b/install/updates/19-managed-entries.update new file mode 100644 index 000000000..1d8ebebfd --- /dev/null +++ b/install/updates/19-managed-entries.update @@ -0,0 +1,17 @@ +dn: cn=Managed Entries,cn=plugins,cn=config +only: nsslapd-pluginConfigArea: 'cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX' + +dn: cn=Managed Entries,cn=etc,$SUFFIX +default: objectClass: nsContainer +default: objectClass: top +default: cn: Managed Entries + +dn: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX +default: objectClass: nsContainer +default: objectClass: top +default: cn: Templates + +dn: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX +default: objectClass: nsContainer +default: objectClass: top +default: cn: Definitions diff --git a/install/updates/20-host_nis_groups.update b/install/updates/20-host_nis_groups.update index 662980211..c6fe8d8ac 100644 --- a/install/updates/20-host_nis_groups.update +++ b/install/updates/20-host_nis_groups.update @@ -2,14 +2,22 @@ # This is required for replication. The template entry will get # replicated but the plugin configuration will not. -dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config +dn: cn=NGP HGP Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX +default:objectclass: mepTemplateEntry +default:cn: NGP HGP Template +default:mepRDNAttr: cn +default:mepStaticAttr: ipaUniqueId: autogenerate +default:mepStaticAttr: objectclass: ipanisnetgroup +default:mepStaticAttr: objectclass: ipaobject +default:mepStaticAttr: nisDomainName: $DOMAIN +default:mepMappedAttr: cn: $$cn +default:mepMappedAttr: memberHost: $$dn +default:mepMappedAttr: description: ipaNetgroup $$cn + +dn: cn=NGP Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX default:objectclass: extensibleObject -default:cn: NGP Definition +only:cn: NGP Definition default:originScope: cn=hostgroups,cn=accounts,$SUFFIX default:originFilter: objectclass=ipahostgroup default:managedBase: cn=ng,cn=alt,$SUFFIX -default:managedTemplate: cn=NGP HGP Template,cn=etc,$SUFFIX - -# Fix an existing configuration with the wrong cn -dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config -only:cn: NGP Definition +default:managedTemplate: cn=NGP HGP Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX diff --git a/install/updates/20-user_private_groups.update b/install/updates/20-user_private_groups.update index 8c7baca41..d54cc02d6 100644 --- a/install/updates/20-user_private_groups.update +++ b/install/updates/20-user_private_groups.update @@ -2,10 +2,23 @@ # This is required for replication. The template entry will get # replicated but the plugin configuration will not. -dn: cn=UPG Definition,cn=Managed Entries,cn=plugins,cn=config +dn: cn=UPG Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX +default:objectclass: mepTemplateEntry +default:cn: UPG Template +default:mepRDNAttr: cn +default:mepStaticAttr: objectclass: posixgroup +default:mepStaticAttr: objectclass: ipaobject +default:mepStaticAttr: ipaUniqueId: autogenerate +default:mepMappedAttr: cn: $$uid +default:mepMappedAttr: gidNumber: $$uidNumber +default:mepMappedAttr: description: User private group for $$uid + + +dn: cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX default:objectclass: extensibleObject +replace:originFilter:objectclass=posixAccount::(&(objectclass=posixAccount)(!(description=__no_upg__))) default:cn: UPG Definition default:originScope: cn=users,cn=accounts,$SUFFIX -default:originFilter: (&(objectclass=posixAccount)(!(description=__no_upg__))) +default:originFilter: objectclass=posixAccount default:managedBase: cn=groups,cn=accounts,$SUFFIX -default:managedTemplate: cn=UPG Template,cn=etc,$SUFFIX +default:managedTemplate: cn=UPG Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX diff --git a/install/updates/50-suppress-upg.update b/install/updates/50-suppress-upg.update deleted file mode 100644 index 571788266..000000000 --- a/install/updates/50-suppress-upg.update +++ /dev/null @@ -1,2 +0,0 @@ -dn: cn=UPG Definition,cn=Managed Entries,cn=plugins,cn=config -replace: originFilter:objectclass=posixAccount::(&(objectclass=posixAccount)(!(description=__no_upg__))) diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am index cf29e3f29..bf4d9af96 100644 --- a/install/updates/Makefile.am +++ b/install/updates/Makefile.am @@ -7,6 +7,7 @@ app_DATA = \ 10-RFC4876.update \ 10-config.update \ 10-sudo.update \ + 19-managed-entries.update \ 20-aci.update \ 20-dna.update \ 20-host_nis_groups.update \ @@ -22,7 +23,6 @@ app_DATA = \ 50-lockout-policy.update \ 50-groupuuid.update \ 50-hbacservice.update \ - 50-suppress-upg.update \ $(NULL) EXTRA_DIST = \ |