| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
Bug Description: setup-ds.pl password prompt loops in Confirm prompt
Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: Just make sure the prompt tells the user that they can hit Control-B Enter at any time to go back if they need to re-enter the password.
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
| |
Bug Description: Unhandled error during setup: Could not import LDIF file
Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: This doesn't allow you to re-prompt for the file, but this will at least cause setup to output a sensible error message if it detects that the given LDIF file is not readable.
Platforms tested: Fedora 8, Fedora 9
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: rhds80 console - create new instance fails (only) after admin server restart
Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: The problem was that the temp LDIF file used to init the new database was not created with the proper mode and ownership, so slapd could not load it. The fix is to make sure the ownership and mode is correct.
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: Cannot setup ds with remote config DS
Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: This fix has two main parts. The first part is to fix setup. I took parts out of the 01nsroot template and put them into the templates that set up the directory server and admin server. So when those servers are registered, they will create those common entries if not present, or otherwise modify them to add the necessary information. I had to add uname_m and uname_a and some other items to the mapping files. I fixed a typo in one of the template files. I changed setup to create new directory server instances shutdown, so that when they are configured for the passthrough auth plugin, it will be working when started. Otherwise, directory servers you create with setup will not be manageable in the console until after they are restarted. This is the same way that ds_create works.
The second part of the fix is to allow people to fix "broken" installs. I added a -u (update) option to setup. This will scan for exsiting installations are re-register all servers found. The dialog flow is pretty simple - it just confirms that you want to run update mode, then asks for the config ds information, then re-registers all servers with the config ds, updating any information that is missing or outdated.
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: Yes - need to document the new -u option.
|
| |
|
|
| |
Summary: Add CLI for dynamic reload schema file task
|
| |
|
|
| |
Summary: Added CLI for creating memberOf fix-up task entry.
|
| |
|
|
|
|
| |
Summary: LDAPI: cleaning up template-ldapi-default.ldif.in and DSCreate.pm.in
Description: Separated auto-bind attributes from the ldapi attributes. Fixed
to store auto-bind attributes in dsel.dif only when auto-bind is enabled.
|
| |
|
|
| |
Summary: LDAPI: move default LDAPI UNIX socket from /var/run/dirsrv/slapd-ID.socket to /var/run/slapd-ID.socket
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: migrate-ds-admin.pl spins at 100% cpu
Reviewed by: nkinder (Thanks!)
Fix Description: It was spinning because inst_dir was not being set, so it kept trying to find the parent directory of a non-existent directory. In migration, the old instance has no instance dir - we will fill that in during instance creation, so just skip it if not set. I also found and fixed another bug in migration with the usage of file_name_is_absolute - have to use the full module name and function name.
Platforms tested: RHEL4 32bit and 64bit
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Instance creation through console is broken
Reviewed by: nhosoi (Thanks!)
Fix Description: This was caused by my fix for bug 420751. When I added the as_uid to fix the ACI for the admin user, I did not add the mapping everywhere it was used. Unfortunately, I found that the code I added it to could only be used with a live connection to the new directory server, not a FileConn to the dse.ldif. So I had to add a new function to add this ACI to the new root suffix after the server had been started.
Another problem with instance creation was that the org entries were not being added when creating a new instance in the console. The default should be to create them if nothing else was specified.
Another problem was that instance creation was leaving temp ldif files around.
I also had to make sure ServerAdminID was specified everywhere it was needed by dirserver.map, or this would also have broken ds_remove.
Platforms tested: RHEL5 x86_64
Flag Day: Yes - autotool file change in adminserver
Doc impact: no
|
| |
|
|
|
| |
Description: migrate-ds-admin.pl script - not working
Fix Description: Was getting this output - GLOB(0x9d908d8)inst_dir = - forgot a comma
|
| |
|
|
|
| |
Description: migrate-ds-admin.pl script - not working
Fix Description: Broken while fixing bug 400421 - Need to use $mig->{inf} instead of $inf
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: unable to restart configDS via console
Reviewed by: nhosoi (Thanks!)
Fix Description: We were using the old format for the ldapStart directive, which assumed everything was under a serverroot, so it just stored the relative path. We need the absolute path. During regular setup, we can get this from the directory server instance. During migration, we need to update the ldapStart directive to use the absolute path, so we need to get that information from the directory server code.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
| |
Summary: command line scripts fine tuning (Comment #2)
Description: removed words "6.x" and "iWS" from the output messages.
|
| |
|
|
|
| |
Summary: command line scripts fine tuning (Comment #1)
Description: dded "-T vlvAttributeName: ..." to the usage
|
| |
|
|
|
|
|
|
|
|
| |
Summary: clean up template-scriptname which is derived from template-scriptname.in (comment #3,4)
Description: removing obsolete scripts:
ds_viewlog.pl scripts/template-dsml-activate.pl
scripts/template-migrateInstance5 scripts/template-migrateTo6
scripts/template-migrate50to51
scripts/template-migrateInstance6 scripts/template-migrate5to6
scripts/template-migrateTo5
|
| |
|
|
| |
Summary: verify-db.pl : can't find dbverify
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: '.' (dot) in the server ID
Reviewed by: nkinder (Thanks!)
Fix Description: Remove . and , from the characters allowed in the server ID. Also use the more descriptive error message.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
| |
Description: migration : ignore idl switch value in 6.21 and earlier
Fix Description: Have to assign the values directly to the array ref - not to a temp array ref
|
| |
|
|
|
| |
Summary: verify-db.pl : can't find dbverify (comment #5)
Fix: added the inst_dir to PATH to tell verify-db.pl where dbverify is located.
|
| |
|
|
|
| |
Description: migration : ignore idl switch value in 6.21 and earlier
Fix Description: Fix the error message
|
| |
|
|
|
| |
Description: migration : ignore idl switch value in 6.21 and earlier
Fix Description: Fix the error message
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: migration : ignore idl switch value in 6.21 and earlier
Reviewed by: nhosoi (Thanks!)
Fix Description: If we are migrating a 6.21 or older database, we must not preserve the old idl switch setting, we must use the new default. We also have to use LDIF files for database migration as we cannot reuse the old binary database files.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: obsolete values migrated to target instance
Reviewed by: nhosoi (Thanks!)
Fix Description: When fixing the attributes in the old entry, remove any obsolete attributes.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
| |
Description: tmpwatch whacks stats
Fix Description: Move the default nsslapd-tmpdir to /tmp.
|
| |
|
|
|
|
|
| |
Description: tmpwatch whacks stats
Reviewed by: nkinder (Thanks!)
Fix Description: move the snmp slapd.stats file to run_dir (/var/run/dirsrv) and rename to slapd-instance.stats. Had to add nsslapd-rundir to cn=config in order for ldap-agent to be able to get it.
Doc: Yes, we need to document the new attribute nsslapd-rundir.
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: Do not allow direct migration if the source db index has old IDL format
Reviewed by: nkinder (Thanks!)
Fix Description: Just before the attempt to copy the database directories, look at the DBVERSION file from the source. If it is determined that the source version is too old, just exit migration and output a helpful error message.
Platforms tested: RHEL4 i386
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
| |
Description: Clean up setup dialog text
Fix Description: Fixed usage of setup as a noun and set up as a verb. Also a few other items.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Bug Description: Link DS with libumem on Solaris 9 and later
Reviewed by: nkinder (Thanks!)
Fix Description: See if libumem.so exists, and set the appropriate LD_PRELOAD env. var. if so.
Platforms tested: Solaris 9 64-bit
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: init script modification needed for kerberos auth
Reviewed by: nhosoi (Thanks!)
Fix Description: I just took Simo's initial patch and ran with it. The initconfigdir parameter is the directory containing the config file for the init script. configure will first try to use $(sysconfdir)/sysconfig, then $(sysconfdir)/default (Solaris and Debian, among others), then the package config directory (the default on HP-UX), for this parameter. The init script and startup script will look in the initconfigdir to find the init config file to source. For directory server, an instance specific file can be used, named e.g. dirsrv-localhost which will apply to the slapd-localhost instance only.
A default init config file is provided for dirsrv and dirsrv-admin, with some examples of how it could be used.
Platforms tested: RHEL5 x86_64
Flag Day: Yes - autotool file changes
Doc impact: Yes. We will need to document how the user can supply environment to the servers at startup time without having to edit the init scripts or the startup scripts.
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: rhds71 - search filters returns too many entries on interger attributes value greater than 2 to the 31
Reviewed by: nhosoi, nkinder (Thanks!)
Fix Description: This handles the migration part. The first part is when migrating the schema. Look for all integer syntax attributes. This can be tricky if there are SUP attribute types derived from integer syntax attributes. numSubordinates and hasSubordinates are skipped because they are handled specially by the db code. The next step is to scan all of the index files in the new db directory. If any integer indexes are found, they will be removed and recreated.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: Yes. Will need to document that this happens during migration if not cross platform.
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: Will need to create some integer indexes and do same platform migration to see if this works
|
| |
|
|
| |
Summary: Remove hard-coded SASL mappings and use config based regex mappings instead.
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: Migration script does not migrate nsDS5ReplicaCredentials correctly.
Reviewed by: nkinder (Thanks!)
Fix Description: 7.1 and earlier chaining and replication credentials were stored incorrectly on little endian machines (x86 and itanium). They were "accidentally" stored correctly on big endian machines (sparc, pa-risc) because val == ntohl(val) on those platforms. When migrating from a little endian machine, we need to decode the password using the broken algorithm and re-encode it using the good method. We determine if the password is encode incorrectly by the following method: we use migratecred to decode and encode using the old path. If the values are equal, this means the password was already encoded correctly and we don't need to fix it. Otherwise, we set the flag that tells migratecred to fix it. In order to decode the broken password correctly on big endian machines, we have to swap the byte order to convert the values to little endian.
Platforms tested: RHEL5 x86_64, RHEL5 i386, Solaris 9
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
| |
Description: Show-Stopper - Migration path rhel21_ds621_TO_rhel4_32bit
Fix Description: not actually a fix, but with -dd this will print out the entries that were ignored during migration, which should be the presence plugin config entries and possibly others
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: Migration script does not migrate nsDS5ReplicaCredentials correctly.
Reviewed by: nhosoi (Thanks!)
Fix Description: We still need to be able to decrypt passwords using the broken method. I guess it works on Solaris and HP because the values are already in network byte order. But when the values were encrypted on x86, they were encrypted the wrong way. It is safe to use MIGRATE_BROKEN_PWD on Solaris and HP because it is essentially a no-op. But this allows us to decrypt x86 passwords and store them correctly.
Platforms tested: RHEL4 i386, RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Show-Stopper - Migration from HP-PARISC DS 6.21 to DS80 on HP-Itaninum
Reviewed by: nhosoi (Thanks!)
Fix Description: These are additional fixes for various and sundry problems:
1) If doing cross platform migration, just use the default db and changelog db dirs
2) If doing same platform migration, try to keep the db dir if the user has changed it. It will usually be changed for a good reason, like moving to a separate device for performance reasons. In order to see if the directory has changed, we need to "normalize" the path in the attribute so that we can compare it correctly.
3) Do not migrate the attributes nsslapd-db-private-import-mem and nsslapd-import-cache-autosize - just use the new default values for these
4) Do not migrate nsslapd-allidsthreshold - this has been removed
5) Add additional error checking and handling when migrating the local.conf information.
6) Change the brand in the sie and isie when migrating.
7) Update the Group in console.conf during migration.
Platforms tested: HP-UX 11.23 IPF64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
| |
Description: Show-Stopper - Migration from HP-PARISC DS 6.21 to DS80 on HP-Itaninum
Fix Description: Cannot start servers until after the data and config has been migrated.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Show-Stopper - Migration from HP-PARISC DS 6.21 to DS80 on HP-Itaninum
Reviewed by: nhosoi (Thanks!)
Fix Description: 1) The temp file created to fix nsroot was not owned by the server user, and ldif2db could not open it.
2) The perldap LDIF parser/writer did not correctly handle the version: 1 line in the LDIF file. It outputs dn\nversion: 1 which causes ldif2db to crash.
3) The migrate script could not start the server because it wasn't looking in the fhs-opt location. The real solution is to just have migration start the servers after it migrates them. This assumes the old servers are all shutdown first, which they must be, in order to have a consistent database for migration.
These last two were found and fixed by nhosoi
4) If we transform an attribute to an empty value, this means we want to remove it from the migrated entry. We use the remove method to remove the attribute.
5) The remove method in FileConn was not working. We have to make a clone of the entry that we have removed the attribute from. The process of iterating over the attributes skips deleted ones because of the way the Tie::Hash functions in the Entry class work.
Platforms tested: HP-UX 11.23 IPF64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: Show-Stopper - Migration from DS 6.21 to DS80
Reviewed by: nhosoi (Thanks!)
Fix Description: Added a new function migrateNetscapeRoot which will create a temporary LDIF file from the given NetscapeRoot.ldif file. The function will look for all \bNetscape\b occurances and convert them to @capbrand@ where that is defined as the capitalized brand name in configure. It will then import this temporary LDIF file and delete it.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
|
|
|
| |
Summary: verify-db.pl (db_verify) does not work on a little endian machine
(comment #1-#4)
Description: 1) introducing dbverify mode to ns-slapd.
2) providing new script dbverify to call "ns-slapd dbverify"
3) fixing verify-db.pl to call dbverify instead of db_verify from BDB
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: Pass in schema and config LDIF files to setup
Reviewed by: nhosoi (Thanks!)
Fix Description: 1) Allow multi-valued parameters in .inf files and command line. These values will be represented internally as an array ref. No existing parameters allow being multi-valued (e.g. you can't use Suffix=o=foo and Suffix=o=bar)
2) Add two new .inf parameters - SchemaFile and ConfigFile. The files listed in SchemaFile will be copied into the schema subdirectory of the new instance, so they must already be named appropriately (e.g. 60foo.ldif). The files listed in ConfigFile must be LDIF files with one or more whole entries to be added to the initial dse.ldif. These could be additional suffixes/databases to create, plugin configuration, replication configuration, or anything else.
Right now, if you have an LDIF file that relies on custom schema, you cannot use the InstallLdifFile directive during setup. SchemaFile allows you to do that.
Platforms tested: RHEL5
Flag Day: no
Doc impact: Will need to document the two additional parameters.
|
| |
|
|
|
|
| |
Summary: Replication monitor CGI seems misconfigured (comment #1)
1) get_replica: missing return value for the success case
2) support the case "shadowport" is not passed
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: 'Operation Error' encountered during DS6.21 to DS80 cross-platform migration
Reviewed by: nhosoi (Thanks!)
Fix Description: For cross platform migration, we should not migrate the nsslapd-idl-switch setting, we should just use the new default value which is "new".
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
| |
Summary: Migration script references a non-existing directory (comment #22)
Description: introduced ignoreOldEntries not to migrate obsolete config entries.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Migration script references a non-existing directory
Reviewed by: nhosoi (Thanks!)
Fix Description: This fixes a couple of problems.
1) Use the inst_dir from the directory server as the instance dir where the ldif2db script is found.
2) The password for migratecred should be quoted before being passed to the shell, in case there are shell meta chars in there
3) If using cross platform migration, and no LDIF files were found to migrate, this will cause an error message to be printed and migration will be aborted.
Platforms tested: RHEL4 i386, RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
| |
Summary: Migration script references a non-existing directory (comment #5,#7)
Description: 3 more fixes for the with-fhs-opt case
|
| |
|
|
|
| |
Summary: Migration script references a non-existing directory
Description: added an if clause for the with_fhs_opt case
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: 7.1 to 8.0 Migration Bug
Reviewed by: nhosoi (Thanks!)
Fix Description: Lots of issues
1) Instead of using Net::Domain::hostname() for the hostname to use for server identifiers, we must use the leftmost component of the FullMachineName specified by the user. One of the reasons is that hostname() and hostfqdn() can give different results such that hostname() is not the leftmost component of hostfqdn(). And we should just use whatever the user specifies. This required several changes to the mapfiles, and a change to the maptable processing, to process the perl code to eval last, so that we can use token substitutions from the inf file and from hard coded strings.
2) We need to add the global preferences stuff, during migration, in order for the console to function. We cannot rely on the migrated o=NetscapeRoot data because we have to make sure we specify the new jar files to use. In addition, we need to migrate over any customizations that the user has made to these preferences. This is handled by the new updateConsoleInfo function called during admin server migration.
3) There were several resources for messages missing. These have been added.
4) With the new perl only ds instance creation code, there will actually be data in the database even though the server is not started. This is what I believe was causing the error_removing_temp_db_files error. So now, the code will only attempt to remove plain files, not directories that could be globbed.
5) Use /opt/brand-ds for the old server root instead of /opt/pkgname.
6) The migration log should use [Migration} not [Setup]
7) migration should not report a fatal error upon success
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: 7.1 to 8.0 Migration Bug
Reviewed by: nhosoi (Thanks!)
Files: see diff
Branch: HEAD
Fix Description: Although the directory server always creates key/cert databases, the admin server does not. So, just log a message and skip if they do not exist. Also was missing some message resources for various errors.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
