diff options
author | Rob Crittenden <rcritten@redhat.com> | 2012-11-15 21:38:26 -0500 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2012-11-21 14:55:12 +0100 |
commit | f1f1b4e7f2e9c1838ad7ec76002b78ca0c2a3c46 (patch) | |
tree | 7c563571ef9e8ac8599cd81a5b17422d79eb2f59 /install | |
parent | 2093007d4d2b3183b65a07d421954b3e8a12e93b (diff) | |
download | freeipa.git-f1f1b4e7f2e9c1838ad7ec76002b78ca0c2a3c46.tar.gz freeipa.git-f1f1b4e7f2e9c1838ad7ec76002b78ca0c2a3c46.tar.xz freeipa.git-f1f1b4e7f2e9c1838ad7ec76002b78ca0c2a3c46.zip |
Enable transactions by default, make password and modrdn TXN-aware
The password and modrdn plugins needed to be made transaction aware
for the pre and post operations.
Remove the reverse member hoop jumping. Just fetch the entry once
and all the memberof data is there (plus objectclass).
Fix some unit tests that are failing because we actually get the data
now due to transactions.
Add small bit of code in user plugin to retrieve the user again
ala wait_for_attr but in the case of transactions we need do it only
once.
Deprecate wait_for_attr code.
Add a memberof fixup task for roles.
https://fedorahosted.org/freeipa/ticket/1263
https://fedorahosted.org/freeipa/ticket/1891
https://fedorahosted.org/freeipa/ticket/2056
https://fedorahosted.org/freeipa/ticket/3043
https://fedorahosted.org/freeipa/ticket/3191
https://fedorahosted.org/freeipa/ticket/3046
Diffstat (limited to 'install')
-rw-r--r-- | install/share/nis.uldif | 1 | ||||
-rw-r--r-- | install/share/schema_compat.uldif | 1 | ||||
-rw-r--r-- | install/tools/man/ipa-ldap-updater.1 | 1 | ||||
-rw-r--r-- | install/ui/test/data/ipa_init.json | 1 | ||||
-rw-r--r-- | install/updates/10-disable-betxn.update | 37 | ||||
-rw-r--r-- | install/updates/10-enable-betxn.update | 49 | ||||
-rw-r--r-- | install/updates/55-pbacmemberof.update | 8 | ||||
-rw-r--r-- | install/updates/Makefile.am | 2 |
8 files changed, 61 insertions, 39 deletions
diff --git a/install/share/nis.uldif b/install/share/nis.uldif index 1e548289..1735fb55 100644 --- a/install/share/nis.uldif +++ b/install/share/nis.uldif @@ -6,6 +6,7 @@ default:cn: NIS Server default:nsslapd-pluginpath: /usr/lib$LIBARCH/dirsrv/plugins/nisserver-plugin.so default:nsslapd-plugininitfunc: nis_plugin_init default:nsslapd-plugintype: object +default:nsslapd-pluginbetxn: on default:nsslapd-pluginenabled: on default:nsslapd-pluginid: nis-server default:nsslapd-pluginversion: 0.10 diff --git a/install/share/schema_compat.uldif b/install/share/schema_compat.uldif index deca1bb4..a93b3277 100644 --- a/install/share/schema_compat.uldif +++ b/install/share/schema_compat.uldif @@ -14,6 +14,7 @@ default:nsslapd-plugintype: object default:nsslapd-pluginenabled: on default:nsslapd-pluginid: schema-compat-plugin default:nsslapd-pluginversion: 0.8 +default:nsslapd-pluginbetxn: on default:nsslapd-pluginvendor: redhat.com default:nsslapd-plugindescription: Schema Compatibility Plugin diff --git a/install/tools/man/ipa-ldap-updater.1 b/install/tools/man/ipa-ldap-updater.1 index df8dfe65..37e200f5 100644 --- a/install/tools/man/ipa-ldap-updater.1 +++ b/install/tools/man/ipa-ldap-updater.1 @@ -37,6 +37,7 @@ There are 7 keywords: * add: add a value (or values) to an attribute * remove: remove a value (or values) from an attribute * only: set an attribute to this + * onlyifexist: set an attribute to this only if the entry exists * deleteentry: remove the entry * replace: replace an existing value, format is old: new * addifnew: add a new attribute and value only if the attribute doesn't already exist. Only works with single\-value attributes. diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json index 41f2c627..44484a9a 100644 --- a/install/ui/test/data/ipa_init.json +++ b/install/ui/test/data/ipa_init.json @@ -738,7 +738,6 @@ "startup_traceback": false, "validate_api": false, "verbose": 0, - "wait_for_attr": false, "webui_assets_dir": null, "webui_prod": true, "xmlrpc_uri": "https://dev.example.com/ipa/xml" diff --git a/install/updates/10-disable-betxn.update b/install/updates/10-disable-betxn.update deleted file mode 100644 index 8fca4a5e..00000000 --- a/install/updates/10-disable-betxn.update +++ /dev/null @@ -1,37 +0,0 @@ -# Disable transactions in 389-ds-base - -dn: cn=7-bit check,cn=plugins,cn=config -only: nsslapd-pluginType: preoperation - -dn: cn=attribute uniqueness,cn=plugins,cn=config -only: nsslapd-pluginType: preoperation - -dn: cn=Auto Membership Plugin,cn=plugins,cn=config -only: nsslapd-pluginType: preoperation - -dn: cn=Linked Attributes,cn=plugins,cn=config -only: nsslapd-pluginType: preoperation - -dn: cn=Managed Entries,cn=plugins,cn=config -only: nsslapd-pluginType: preoperation - -dn: cn=MemberOf Plugin,cn=plugins,cn=config -only: nsslapd-pluginType: postoperation - -dn: cn=Multimaster Replication Plugin,cn=plugins,cn=config -only: nsslapd-pluginbetxn: off - -dn: cn=PAM Pass Through Auth,cn=plugins,cn=config -only: nsslapd-pluginType: preoperation - -dn: cn=referential integrity postoperation,cn=plugins,cn=config -only: nsslapd-pluginType: postoperation - -dn: cn=Roles Plugin,cn=plugins,cn=config -only: nsslapd-pluginbetxn: off - -dn: cn=State Change Plugin,cn=plugins,cn=config -only: nsslapd-pluginType: postoperation - -dn: cn=USN,cn=plugins,cn=config -only: nsslapd-pluginbetxn: off diff --git a/install/updates/10-enable-betxn.update b/install/updates/10-enable-betxn.update new file mode 100644 index 00000000..88f584cb --- /dev/null +++ b/install/updates/10-enable-betxn.update @@ -0,0 +1,49 @@ +# Enable transactions in 389-ds-base + +dn: cn=7-bit check,cn=plugins,cn=config +only: nsslapd-pluginType: betxnpreoperation + +dn: cn=attribute uniqueness,cn=plugins,cn=config +only: nsslapd-pluginType: betxnpreoperation + +dn: cn=Auto Membership Plugin,cn=plugins,cn=config +only: nsslapd-pluginType: betxnpreoperation + +dn: cn=Linked Attributes,cn=plugins,cn=config +only: nsslapd-pluginType: betxnpreoperation + +dn: cn=Managed Entries,cn=plugins,cn=config +only: nsslapd-pluginType: betxnpreoperation + +dn: cn=MemberOf Plugin,cn=plugins,cn=config +only: nsslapd-pluginType: betxnpostoperation + +dn: cn=Multimaster Replication Plugin,cn=plugins,cn=config +only: nsslapd-pluginbetxn: on + +dn: cn=PAM Pass Through Auth,cn=plugins,cn=config +only: nsslapd-pluginType: betxnpreoperation + +dn: cn=referential integrity postoperation,cn=plugins,cn=config +only: nsslapd-pluginType: betxnpostoperation + +dn: cn=Roles Plugin,cn=plugins,cn=config +only: nsslapd-pluginbetxn: on + +dn: cn=State Change Plugin,cn=plugins,cn=config +only: nsslapd-pluginType: betxnpostoperation + +dn: cn=USN,cn=plugins,cn=config +only: nsslapd-pluginbetxn: on + +dn: cn=IPA MODRDN,cn=plugins,cn=config +only: nsslapd-plugintype: betxnpostoperation + +dn: cn=ipa_pwd_extop,cn=plugins,cn=config +only: nsslapd-pluginbetxn: on + +dn: cn=Schema Compatibility, cn=plugins, cn=config +onlyifexist: nsslapd-pluginbetxn: on + +dn: cn=NIS Server, cn=plugins, cn=config +onlyifexist: nsslapd-pluginbetxn: on diff --git a/install/updates/55-pbacmemberof.update b/install/updates/55-pbacmemberof.update index bc17f566..f02b4f84 100644 --- a/install/updates/55-pbacmemberof.update +++ b/install/updates/55-pbacmemberof.update @@ -8,3 +8,11 @@ add: cn: IPA PBAC memberOf $TIME add: basedn: 'cn=privileges,cn=pbac,$SUFFIX' add: filter: (objectclass=*) add: ttl: 10 + +dn: cn=Update Role memberOf $TIME, cn=memberof task, cn=tasks, cn=config +add: objectClass: top +add: objectClass: extensibleObject +add: cn: Update Role memberOf $TIME +add: basedn: 'cn=roles,cn=accounts,$SUFFIX' +add: filter: (objectclass=*) +add: ttl: 10 diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am index a675af8b..2e4f0a26 100644 --- a/install/updates/Makefile.am +++ b/install/updates/Makefile.am @@ -7,7 +7,7 @@ app_DATA = \ 10-RFC2307bis.update \ 10-RFC4876.update \ 10-config.update \ - 10-disable-betxn.update \ + 10-enable-betxn.update \ 10-selinuxusermap.update \ 10-sudo.update \ 10-ssh.update \ |