diff options
| author | Petr Viktorin <pviktori@redhat.com> | 2013-04-22 15:21:04 +0200 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2013-04-26 11:15:16 -0400 |
| commit | d4a0fa34afd30765e5ea6f0df21976a6494f13d6 (patch) | |
| tree | c1624dfc264a2339111c49130d0245ca630e0ab5 /install/tools | |
| parent | e9863e3fe3cc5ca016c4e216ae3d34b750a34c73 (diff) | |
| download | freeipa.git-d4a0fa34afd30765e5ea6f0df21976a6494f13d6.tar.gz freeipa.git-d4a0fa34afd30765e5ea6f0df21976a6494f13d6.tar.xz freeipa.git-d4a0fa34afd30765e5ea6f0df21976a6494f13d6.zip | |
Fix syntax errors in schema files
- add missing closing parenthesis in idnsRecord declaration
- remove extra dollar sign from ipaSudoRule declaration
- handle missing/extraneous X-ORIGIN lines in 10-selinuxusermap.update
This does not use the schema updater because the syntax needs to be
fixed in the files themselves, otherwise 389 1.3.2+ will fail
to start.
Older DS versions transparently fix the syntax errors.
The existing ldap-updater directive for ipaSudoRule is fixed
(ldap-updater runs after upgradeconfig).
https://fedorahosted.org/freeipa/ticket/3578
Diffstat (limited to 'install/tools')
| -rw-r--r-- | install/tools/ipa-upgradeconfig | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig index 8ae54894..c9574b96 100644 --- a/install/tools/ipa-upgradeconfig +++ b/install/tools/ipa-upgradeconfig @@ -777,6 +777,69 @@ def uninstall_selfsign(ds, http): ds.stop_tracking_certificates() http.stop_tracking_certificates() + +def fix_schema_file_syntax(ds): + """Fix syntax errors in schema files + + https://fedorahosted.org/freeipa/ticket/3578 + """ + root_logger.info('[Fix DS schema file syntax]') + + # This is not handled by normal schema updates, because pre-1.3.2 DS will + # ignore (auto-fix) these syntax errors, and 1.3.2 and above will choke on + # them before checking dynamic schema updates. + + if sysupgrade.get_upgrade_state('ds', 'fix_schema_syntax'): + root_logger.info('Syntax already fixed') + return + + serverid = dsinstance.realm_to_serverid(api.env.realm) + + ds.stop(serverid) + + ds_dir = dsinstance.config_dirname(serverid) + + # 1. 60ipadns.ldif: Add parenthesis to idnsRecord + + filename = os.path.join(ds_dir, 'schema', '60ipadns.ldif') + result_lines = [] + with open(filename) as file: + for line in file: + line = line.strip('\n') + if (line.startswith('objectClasses:') and + "NAME 'idnsRecord'" in line and + line.count('(') == 2 and + line.count(')') == 1): + root_logger.debug('Add closing parenthesis in idnsRecord') + line += ' )' + result_lines.append(line) + + with open(filename, 'w') as file: + file.write('\n'.join(result_lines)) + + # 2. 65ipasudo.ldif: Remove extra dollar from ipaSudoRule + + filename = os.path.join(ds_dir, 'schema', '65ipasudo.ldif') + result_lines = [] + with open(filename) as file: + for line in file: + line = line.strip('\n') + if (line.startswith('objectClasses:') and + "NAME 'ipaSudoRule'" in line): + root_logger.debug('Remove extra dollar sign in ipaSudoRule') + line = line.replace('$$', '$') + result_lines.append(line) + + with open(filename, 'w') as file: + file.write('\n'.join(result_lines)) + + # Done + + ds.start(serverid) + + sysupgrade.set_upgrade_state('ds', 'fix_schema_syntax', True) + + def main(): """ Get some basics about the system. If getting those basics fail then @@ -856,6 +919,8 @@ def main(): ds = dsinstance.DsInstance() + fix_schema_file_syntax(ds) + uninstall_selfsign(ds, http) memcache = memcacheinstance.MemcacheInstance() |