9d21232151
- Update to upstream 3.3.4 - Install CA anchor into standard location (#928478) - ipa-client-install part of ipa-server-install fails on reinstall (#1044994) - Remove mod_ssl workaround (RHEL bug #1029046) - Enable syncrepl plugin to support bind-dyndb-ldap 4.0
125 lines
4.3 KiB
Diff
125 lines
4.3 KiB
Diff
From ada54e7e836d13ccede3fe74f1cd30300a242c6e Mon Sep 17 00:00:00 2001
|
|
From: Ana Krivokapic <akrivoka@redhat.com>
|
|
Date: Fri, 25 Oct 2013 12:41:25 +0200
|
|
Subject: [PATCH 6/9] Enable Retro Changelog and Content Synchronization DS
|
|
plugins
|
|
|
|
Enable Retro Changelog and Content Synchronization DS plugins which are required
|
|
for SyncRepl support.
|
|
|
|
Create a working directory /var/named/ipa required by bind-dyndb-ldap v4+.
|
|
|
|
https://fedorahosted.org/freeipa/ticket/3967
|
|
---
|
|
freeipa.spec.in | 1 +
|
|
install/tools/ipa-upgradeconfig | 5 ++++-
|
|
install/updates/20-syncrepl.update | 9 +++++++++
|
|
install/updates/Makefile.am | 1 +
|
|
ipaserver/install/bindinstance.py | 13 +++++++++++++
|
|
5 files changed, 28 insertions(+), 1 deletion(-)
|
|
create mode 100644 install/updates/20-syncrepl.update
|
|
|
|
diff --git a/freeipa.spec.in b/freeipa.spec.in
|
|
index 8fd0a368ed02cfad120db6283e3899027d467bfc..4f60be6ccd623de4574c7627e0ffc4ff0829e701 100644
|
|
--- a/freeipa.spec.in
|
|
+++ b/freeipa.spec.in
|
|
@@ -764,6 +764,7 @@ fi
|
|
%{_mandir}/man1/ipa-backup.1.gz
|
|
%{_mandir}/man1/ipa-restore.1.gz
|
|
%{_mandir}/man1/ipa-advise.1.gz
|
|
+%ghost %{_localstatedir}/named/ipa
|
|
|
|
%files server-trust-ad
|
|
%{_sbindir}/ipa-adtrust-install
|
|
diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig
|
|
index cf9fe0e040e56bb75ca8d53e28586911caeffb2b..5bcef1ac827da296c6a35e8fc29a1c6f0a04f808 100644
|
|
--- a/install/tools/ipa-upgradeconfig
|
|
+++ b/install/tools/ipa-upgradeconfig
|
|
@@ -1084,6 +1084,10 @@ def main():
|
|
setup_firefox_extension(fstore)
|
|
add_ca_dns_records()
|
|
|
|
+ bind = bindinstance.BindInstance(fstore)
|
|
+ if bind.is_configured():
|
|
+ bind.create_dir('/var/named/ipa', 0700)
|
|
+
|
|
# Any of the following functions returns True iff the named.conf file
|
|
# has been altered
|
|
named_conf_changes = (
|
|
@@ -1097,7 +1101,6 @@ def main():
|
|
if any(named_conf_changes):
|
|
# configuration has changed, restart the name server
|
|
root_logger.info('Changes to named.conf have been made, restart named')
|
|
- bind = bindinstance.BindInstance(fstore)
|
|
try:
|
|
bind.restart()
|
|
except ipautil.CalledProcessError, e:
|
|
diff --git a/install/updates/20-syncrepl.update b/install/updates/20-syncrepl.update
|
|
new file mode 100644
|
|
index 0000000000000000000000000000000000000000..c4158a1634410acd323f04f442bbbd2f69c24708
|
|
--- /dev/null
|
|
+++ b/install/updates/20-syncrepl.update
|
|
@@ -0,0 +1,9 @@
|
|
+# Enable Retro changelog
|
|
+dn: cn=Retro Changelog Plugin,cn=plugins,cn=config
|
|
+only:nsslapd-pluginEnabled: on
|
|
+add:nsslapd-attribute: nsuniqueid:targetUniqueId
|
|
+add:nsslapd-changelogmaxage: 2d
|
|
+
|
|
+# Enable SyncRepl
|
|
+dn: cn=Content Synchronization,cn=plugins,cn=config
|
|
+only:nsslapd-pluginEnabled: on
|
|
diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am
|
|
index 40c3b3c8916faa267254a29d0f458ca53201950c..09965ff9885fce93f3d15dc73b11fa210f68b163 100644
|
|
--- a/install/updates/Makefile.am
|
|
+++ b/install/updates/Makefile.am
|
|
@@ -22,6 +22,7 @@ app_DATA = \
|
|
20-indices.update \
|
|
20-nss_ldap.update \
|
|
20-replication.update \
|
|
+ 20-syncrepl.update \
|
|
20-user_private_groups.update \
|
|
20-winsync_index.update \
|
|
21-replicas_container.update \
|
|
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
|
|
index 6d5a1d44d30c89278c24fe7ab5278355cb65b0b4..4baeb4e077c64a7abebd1c071012f6c1e02dc1ae 100644
|
|
--- a/ipaserver/install/bindinstance.py
|
|
+++ b/ipaserver/install/bindinstance.py
|
|
@@ -22,6 +22,7 @@
|
|
import pwd
|
|
import netaddr
|
|
import re
|
|
+import errno
|
|
|
|
import ldap
|
|
|
|
@@ -509,6 +510,16 @@ def create_sample_bind_zone(self):
|
|
os.close(bind_fd)
|
|
print "Sample zone file for bind has been created in "+bind_name
|
|
|
|
+ def create_dir(self, path, mode):
|
|
+ try:
|
|
+ os.makedirs(path, mode)
|
|
+ except OSError as e:
|
|
+ if e.errno != errno.EEXIST:
|
|
+ raise e
|
|
+
|
|
+ pent = pwd.getpwnam(self.named_user or 'named')
|
|
+ os.chown(path, pent.pw_uid, pent.pw_gid)
|
|
+
|
|
def create_instance(self):
|
|
|
|
try:
|
|
@@ -519,6 +530,8 @@ def create_instance(self):
|
|
# get a connection to the DS
|
|
self.ldap_connect()
|
|
|
|
+ self.create_dir('/var/named/ipa', 0700)
|
|
+
|
|
if installutils.record_in_hosts(self.ip_address, self.fqdn) is None:
|
|
installutils.add_record_to_hosts(self.ip_address, self.fqdn)
|
|
|
|
--
|
|
1.8.5.3
|
|
|