diff options
| author | Christian Heimes <cheimes@redhat.com> | 2018-07-10 14:03:28 +0200 |
|---|---|---|
| committer | Christian Heimes <cheimes@redhat.com> | 2018-07-12 15:26:25 +0200 |
| commit | f89e501ee13ce4d5f23ef33e3acacb181788fa5e (patch) | |
| tree | b01688d099297587c1a552f440f6cfab5f8e5e37 /ipapython | |
| parent | ba954efafdb3e430c76dfc327d2b683ac0e117eb (diff) | |
| download | freeipa-f89e501ee13ce4d5f23ef33e3acacb181788fa5e.tar.gz freeipa-f89e501ee13ce4d5f23ef33e3acacb181788fa5e.tar.xz freeipa-f89e501ee13ce4d5f23ef33e3acacb181788fa5e.zip | |
Handle races in replica config
When multiple replicas are installed in parallel, two replicas may try
to create the cn=replica entry at the same time. This leads to a
conflict on one of the replicas. replica_config() and
ensure_replication_managers() now handle conflicts.
ipaldap now maps TYPE_OR_VALUE_EXISTS to DuplicateEntry(). The type or
value exists exception is raised, when an attribute value or type is
already set.
Fixes: https://pagure.io/freeipa/issue/7566
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>
Diffstat (limited to 'ipapython')
| -rw-r--r-- | ipapython/ipaldap.py | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ipapython/ipaldap.py b/ipapython/ipaldap.py index 66d73846a..53f8e7cbb 100644 --- a/ipapython/ipaldap.py +++ b/ipapython/ipaldap.py @@ -1029,7 +1029,12 @@ class LDAPClient(object): except ldap.NO_SUCH_OBJECT: raise errors.NotFound(reason=arg_desc or 'no such entry') except ldap.ALREADY_EXISTS: + # entry already exists raise errors.DuplicateEntry() + except ldap.TYPE_OR_VALUE_EXISTS: + # attribute type or attribute value already exists, usually only + # occurs, when two machines try to write at the same time. + raise errors.DuplicateEntry(message=desc) except ldap.CONSTRAINT_VIOLATION: # This error gets thrown by the uniqueness plugin _msg = 'Another entry with the same attribute value already exists' |