| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
|
|
|
| |
Bug Description: aci with bogus uid= dn created by ds_newinst
Reviewed by: nhosoi (Thanks!)
Fix Description: Unknown to me until just now, PL_strdup(NULL) will return "" - the empty string. The code in config_suitespot() expects that empty or unused fields are NULL. The solution is to create a create_instance_strdup() wrapper around PL_strdup() and use that in cases where the argument may be NULL. I checked create_instance.c. Every other place where PL_strdup is used, the argument is checked for NULL first. So these are the only places affected. Instance creation works fine after this change and does not create the offending aci.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Bug Description: Add enable switches for optional/experimental features
Reviewed by: nkinder, nhosoi, prowley (Thanks!)
Fix Description: Added --enable-pam-passthru, --enable-dna, and --enable-ldapi. They are all on by default and must be explicitly disabled (--disable-pam-passthru). These all cause ENABLE_xxx to be defined for C code so that we can enclose the code in #ifdef ENABLE_PAM_PASSTHRU blocks, for example. For the first two, these also cause the plugins to be built - so that if you specify --disable-pam-passthru, the plugin code will not be built at all. I discovered a nifty autoconf macro called AS_HELP_STRING - this nicely formats the help messages output by configure --help. I don't know if it's worth going through all of our m4 code to use this, but I went ahead and fixed configure.ac. Create instance will now add plugin configuration entries (but disabled) for pam passthru and dna if the corresponding ENABLE_ macros are defined. I also fixed a bug with passthru (not pam passthru) - the plugin configuration entry was not being added.
Platforms tested: RHEL4, FC6
Flag Day: no
Doc impact: no
|
| |
|
|
| |
Summary: clean up template-scriptname which is derived from template-scriptname.in
|
| |
|
|
|
|
|
|
|
| |
Bug Description: Allow building with bdb 4.4 or later
Reviewed by: nkinder (Thanks!)
Fix Description: db.m4 already had code to detect and use the correct version of db headers and libraries. There have been some minor api changes since 4.3, so not much code changes were required. Note that this merely allows the server to build and run with db4.4 or later, not to take advantage of the newer features of the API.
Platforms tested: FC7
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
| |
Bug Description: FHS: use sysconfdir (/etc) as config file location - allow builders to set dynamic config directory location at configure time
Reviewed by: nhosoi, nkinder, prowley (Thanks!)
Fix Description: I've added a new configure switch: --with-instconfigdir. This switch will allow the user to specify a different location to store the dynamic instance specific config files rather than the default $sysconfdir/$package_name (e.g. /etc/fedora-ds). This is the directory which will contain the slapd-instance directories which contain the instance specific config, schema, and security files. Even though the user could override this with ds_newinst.pl ([slapd] section config_dir), we needed to be able to set the default so that the user would not have to remember to do this every time, and so that packagers could set a reasonable default value for their platform.
Platforms tested: FC6, RHEL4
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Add support for /etc/init scripts
Reviewed by: nkinder (Thanks!)
Fix Description: Add the new initscript. The initscript is called $PACKAGE_NAME which by
default is fedora-ds. This script is created from wrappers/initscript.in,
sed'd by the fixupcmd in Makefile.am during make install. The way it works is
this: service fedora-ds cmd will execute the cmd on all instances (found in
/etc/fedora-ds by default). service fedora-ds cmd instance will execute cmd on
only that instance. So if you have
/etc/fedora-ds/slapd-foo
/etc/fedora-ds/slapd-bar
and you do
service start fedora-ds
it will start up both slapd-foo and slapd-bar. If you do
service start fedora-ds bar
it will start up only slapd-bar. If you do
service start fedora-ds biff
you will get an error message. The initdir is platform specific (e.g.
/etc/rc.d/init.d on linux, /etc/init.d on Solaris) so the
definition was added to the platform dependent section of configure.ac.
The init script is explicitly branded, including the filename. I needed to add
support to the autotool files so that we could change the name of the file.
Since package_name is defined when you use the AC_INIT macro in configure.ac,
we don't need to define it elsewhere (e.g. #define BRAND_DS). So I added the
branding and other information to the autotool files, and changed
create_instance to use package_name instead of brand_ds to be consistent.
Having the package_name defined in much fewer places should make it much easier
to change in the future if necessary.
I also fixed a compiler warning in ldaprot.h.
Platforms tested: RHEL4, FC6
Flag Day: no
Doc impact: Yes. We need to document how to use the initscript, and how to enable startup on boot - chkconfig fedora-ds on
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: FHS: use sysconfdir (/etc) as config file location
Reviewed by: nhosoi (Thanks!)
Fix Description: After much deliberation, we have decided that it is ok that our dynamic config files are under /etc/fedora-ds/slapd-instance.
So the config_dir will be /etc/fedora-ds/slapd-instance and the security and schema files will go there as well. Since the FHS is ambiguous about this issue, and it will be very confusing if the configuration files are not under /etc, and there are some agents (webmin, cfengine) that do "dynamically" modify config files under /etc, this outweighs any considerations about having the server using it's config file like an "ascii database".
In addition, the presence of repl-monitor-cgi causes rpm to complain, and since we only support CGIs in the Admin Server, this file has been removed from the core fedora-ds package.
Platforms tested: RHEL4, FC6
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: FHS: move exes to _bindir; move ns-slapd to _sbindir
Reviewed by: many people (Thanks!)
Fix Description: In order to be more FHS compliant, we need to make the following changes:
1) move files executable by end users to _bindir (e.g. /usr/bin) - this means logconv.pl, ds_newinst, dbscan, etc.
2) move the server executable ns-slapd to _sbindir (e.g. /usr/sbin)
And, to be more packaging friendly, the additional changes:
3) move libback-ldbm to the plugins dir - it is a plugin
4) use the libtool -avoid-version flag with plugins - we don't need the .so.0.0.0 for plugins
I had to add support for sbindir and SBINDIR to create_instance and ds_newinst. We were using serverdir for 3 things - command line programs, server specific shared libs, and the server executable itself. These are now in 3 different places. The biggest change was to the scripts. I kept serverdir and SERVER-DIR to be the location of the server shared libs to avoid changing even more stuff. I had to add SERVERBIN-DIR to the scripts - this is the location of ns-slapd and is set by sbindir in create_instance (which defaults to SBINDIR from Makefile.am which defaults to $prefix/sbin in configure - whew).
I've tested instance creation with these diffs - everything seems to work fine.
5) reorder files in alphabetical order - suggested by nkinder
6) add $LDFLAGS to test in db.m4
7) touch all template/wrapper .in files to make them newer than their corresponding files
Platforms tested: RHEL4, FC6
Flag Day: no
Doc impact: Yes, but the docs will have to change quite a bit for all of the FHS related changes.
|
| |
|
|
|
|
|
|
|
|
| |
Summary: Nightly build uses autotools/yum (Comment #32)
Changes: Makefile: moved scripts temlate dir from /etc to /usr/share
template-{start,stop}-slapd: modified the pid and startpid name to
slapd-<id>.pid and slapd-<id>.startpid.
Note: these changes do not affect the new build using autotools. The 3 files
would be eliminated when we move to the new build completely. The fix is for
keeping the nightly acceptance tests healthy by the transfer is completed.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Description: Instance specific dirs should be in instance directory
Fix Description: Needed to reverse rundir and ds_get_server_name() when constructing the pidfile name.
Reviewed by: nhosoi (Thanks!)
|
| |
|
|
|
|
|
|
|
|
|
| |
Description: Warn if cert or key file is missing
Fix Description: My fix for https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224672 reopened
this bug. I think the correct way to address this problem is this:
If using security, the key and cert db files must exist i.e. there must already
be a server cert for the server.
If not using security, there may not be a key/cert db, but NSS will create them
if the directory is writable.
Reviewed by: nhosoi (Thanks!)
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: Get rid of key/cert db prefix
Reviewed by: nhosoi (Thanks!)
Fix Description: Now that we have everything in its own instance
specific directory, we do not need the troublesome key/cert database
prefix. This simplifies the slapd_nss_init code a great deal.
Platforms tested: RHEL4
Flag Day: no
Doc impact: YES - A couple of the pages on the wiki talk about slapd-instance-cert8.db and so on - these pages will have to change once FDS 1.1 is released
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Instance specific dirs should be in instance directory
Reviewed by: nhosoi (Thanks!)
Fix Description: Fixed create instance to create these instance specific directories:
/var/lock/slapd-instance -> /var/lock/fedora-ds/slapd-instance
/var/lib/slapd-instance -> /var/lib/fedora-ds/slapd-instance
/var/log/slapd-instance -> /var/log/fedora-ds/slapd-instance
/var/run/slapd-instance -> /var/run/fedora-ds
For now, I'm side-stepping the question of what to do about permissions on /var/run/fedora-ds/slapd-instance.pid - we'll address this in the RPM creation.
I've also moved the migration scripts to the %{_libdir}/fedora-ds/slapd-instance directory, and I've made the default directory for the key/cert db the same as the config directory. I think the dynamic nature of their configuration warrants the move.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: Move script-templates from sysconfdir to datadir
Reviewed by: nkinder, dennis (Thanks!)
Files: see diff
Branch: HEAD
Fix Description: Just change sysconfdir to datadir in both the Makefile.am (which controls where the files are put during installation) and in create_instance.c (which controls where instance creation looks for the templates to use them to create the real scripts).
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
| |
|
|
|
| |
Summary: make new_task() non-static
Adding a sample task plugin code and updating the README for the plugin.
|
| |
|
|
|
|
|
| |
Summary: [195305] make new_task() non-static
Changes: provide slapi_new_task and slapi_destroy_task as slapi APIs
Summary: [195307] task registration by plugins is wiped by task_init()
Changes: clean up old tasks before plugin_startall
|
| |
|
|
|
| |
Summary: referential integrity plugin does not stack with Class of Service appliance (Comment #16)
Changes: Don't call dblayer_close before plugin_closeall.
|
| |
|
|
|
| |
Summary: referential integrity plugin does not stack with Class of Service appliance (Comment #14)
Changes: Added the CoS plugin dependency to MMR.
|
| |
|
|
|
|
|
|
| |
Summary: referential integrity plugin does not stack with Class of Service appliance (Comment #11)
Changes:
1) registered cos_post_op and roles_post_op as SLAPI_PLUGIN_INTERNAL_POST_op_FN
functions.
2) changed the plugin type of CoS and Roles from "postoperation" to "object".
|
| |
|
|
|
| |
Summary: Directory Server hangs when running VLV search and update operations simultaneously. (Comment#22)
Change: Before creating db cursor, unlock vlvSearchList.
|
| |
|
|
| |
Summary: Fix inconsistent clear password storage and ensure that SASL authentication uses passwords properly.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Summary: db backend path handling could be impoved to deal with "//", "..", etc.
Changes:
util.c:
modified rel2abspath so that if the given path contains "//", calls the
normalize function, and the normalize function eliminates the repeated
separators.
ldbm_config.c, ldbm_instance_config.c:
before setting the nsslapd-directory paths, pass them to rel2abspath to clean
up the paths.
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: Server autoconf build crashes when stopped/started very quickly
Reviewed by: nhosoi (Thanks!)
Fix Description: The problem was that 3 of the database threads were being started and stopped before the 4th had a chance to start. So the thread count would start at 3 and drop to 0, and the dblayer_pre_close code would think everything was fine. The 4th thread is the checkpoint thread which was doing a db_checkpoint operation before incrementing the thread count. For some reason, on x86_64 with the system provided libdb-4.2, the checkpoint operation was taking longer than it usually does with our locally built libdb-4.2, so this allowed the other 3 threads to stop and start before the checkpoint thread had a chance to increment the thread count.
The solution is to make sure the incrementing of the thread count occurs as early as possible in the thread function, before any executable code that might take any time. This should ensure that all of the threads start up and increment the thread count before the shutdown occurs.
The second part of the solution is that, according to wtc, the NSPR maintainer, the PR_Atomic functions should not be used as a semaphore like this. So, the code was rewritten to use locks and condition variables. The code is not performance critical, so adding locking should not have any impact on performance. In addition, the new code is much cleaner, more correct, and more obvious about what it's doing.
Platforms tested: RHEL4 x86_64
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
| |
Summary: Directory Server hangs when running VLV search and update operations simultaneously. (Comment #16)
Changes:
1. promoted idl_delete to global to make it available in
vlv_trim_candidates_byvalue. In vlv_trim_candidate_byvalue, if any id's in the
idlist is found not having the corresponding entry, delete the id from the
idlist and retry the binary search.
2. demoted too noisy error message: - compare_entries db err -30990
3. not to include the db access code (cursor operation) inside of the read-lock in vlv_find_index_by_filter.
|
| |
|
|
|
|
| |
Summary: Make random password generation work with policies
Changes: 1) Generate a password that meets the current password syntax rules.
2) Report errors when Min8Bit is set or MinCategories > 4
|
| |
|
|
|
|
|
|
|
| |
Bug Description: Instance specific schema files should be owned by server uid
Reviewed by: nkinder (Thanks!)
Fix Description: Add a new function - ds_copy_group_files_using_mode_owner() - that allows you to set the file mode and owner when copying directories and files. Use that function when copying the schema files to the new instance directory.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
| |
|
|
| |
Summary: Improved error messages for password syntax violations.
|
| |
|
|
|
|
|
|
|
| |
Bug Description: Use @libdir@ instead of hardcoded /usr/lib in template-script.in files
Reviewed by: nkinder (Thanks!)
Fix Description: Just replace /usr/lib with @libdir@ in the script template .in files.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
| |
|
|
|
| |
Summary: replica initialization: random failure (Comment #1)
Change: if acquire_replica is called for replica initialization, log REPLICA_BUSY.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: integrating db43 into ds70
Reviewed by: nkinder (Thanks!)
Fix Description: I took the original diffs posted by Ulf and merged them in with our code which has changed slightly since the diffs were originally generated. I also put #if directives like the following:
#if 1000*DB_VERSION_MAJOR + 100*DB_VERSION_MINOR >= 4300
... db43 features ...
#else
... db42 features ...
#endif
so that we can use both db42 and db43.
Platforms tested: RHEL4/FC5
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Define LIBDIR, BINDIR, etc. in Makefile
Reviewed by: nkinder (Thanks!)
Fix Description: The paths LIBDIR, BINDIR, et. al. are #define'd in create_instance.h to hard coded values. We should be able to set these values in configure and override the built in values. We can't simply set them via AC_DEFINE in configure.ac because we are using config.h and this would render the definition like this:
#define BINDIR "${exec_prefix}/bin"
instead of
#define BINDIR "/usr/bin"
So we instead define them in Makefile.am and add their definitions to AM_CPPFLAGS, and quote them properly to make sure the value includes the quotation marks when expanded in the C code. I tested this with both an rpmbuild and a regular developer type build.
Platforms tested: RHEL4/FC5
Flag Day: no
Doc impact: no
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Summary: configure needs to support --with-fhs (Comment #13)
Changes:
configure.ac: $prefix should have been @prefix@. $prefix is replaced with the
value of --prefix, but not with AC_PREFIX_DEFAULT when --prefix is not given.
create_instance.[ch]: depending upon the macro IS_FHS, change swich the LIBDIR,
BINDIR, DATADIR, and DOCDIR.
ds_newinst.pl.in: use @libdir@ to get the ds_newinst path.
|
| |
|
|
|
|
|
|
|
|
| |
Summary: configure needs to support --with-fhs (Comment #6)
Changes: Added the following include next to the end of the copyright block.
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
|
| | |
|
| |
|
|
|
|
|
|
| |
Description: be able to pass in all configurable paths to ds_newinst
Fix Description: There were a couple of other minor problems with ds_newinst.pl
1) Should only set cgi parameters for those items which have a value
2) Should not setenv NETSITE_ROOT - this overrides prefix settings
3) Should not set prefix here - it is set elsewhere
|
| |
|
|
|
| |
Summary: Cleaning up obsolete macros in the build
Changes: eliminated macro CYRUS_SASL and BUILD_GSSAPI (Comment #23)
|
| |
|
|
|
| |
Summary: Cleaning up obsolete macros in the build
Changes: eliminated macro MCC_HTTPD (Comment #14)
|
| |
|
|
|
| |
Summary: Cleaning up obsolete macros in the build
Changes: eliminated macro NSPR20 (Comment #8)
|
| |
|
|
|
| |
Summary: Cleaning up obsolete macros in the build
Changes: eliminated macro NSPR20 (Comment #9)
|
| |
|
|
|
| |
Summary: Cleaning up obsolete macros in the build
Changes: eliminated macro UPGRADEDB (Comment #6)
|
| |
|
|
|
| |
Summary: Cleaning up obsolete macros in the build
Changes: eliminated macro NET_SSL (Comment #5)
|
| |
|
|
|
| |
Summary: Cleaning up obsolete macros in the build
Changes: eliminated macro NET_SSL and UPGRADEDB (Comment #5, #7)
|
| |
|
|
|
| |
Summary: Cleaning up obsolete macros in the build
Changes: eliminated macro NS_DS (Comment #2, #3)
|
