494 lines
18 KiB
Diff
494 lines
18 KiB
Diff
|
|
<!DOCTYPE html>
|
|
<html lang='en'>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
|
|
<title>Commit - freeipa - d29b47512a39ada02fb371521994576cd9815a6c - Pagure.io</title>
|
|
<link rel="shortcut icon" type="image/vnd.microsoft.icon"
|
|
href="/theme/static/favicon.ico?version=5.13.3"/>
|
|
<link href="/theme/static/fedora-bootstrap-1.3.0/fedora-bootstrap.min.css?version=5.13.3"
|
|
type="text/css" rel="stylesheet" />
|
|
<link href="/theme/static/fonts/fonts.css?version=5.13.3"
|
|
rel="stylesheet" type="text/css" />
|
|
<link href="/theme/static/fonts/hack_fonts/css/hack-extended.min.css?version=5.13.3"
|
|
type="text/css" rel="stylesheet" />
|
|
<link href="/theme/static/theme.css?version=5.13.3"
|
|
type="text/css" rel="stylesheet" />
|
|
|
|
<link type="text/css" rel="stylesheet" nonce="qdLhc1wjRNfkrQnukB32BzvfC" href="/static/vendor/font-awesome/font-awesome.css?version=5.13.3"/>
|
|
<link type="text/css" rel="stylesheet" nonce="qdLhc1wjRNfkrQnukB32BzvfC" href="/static/pagure.css?version=5.13.3"/>
|
|
<link rel="stylesheet" nonce="qdLhc1wjRNfkrQnukB32BzvfC" href="/static/vendor/highlight.js/styles/github.css?version=5.13.3"/>
|
|
<link rel="stylesheet" nonce="qdLhc1wjRNfkrQnukB32BzvfC" href="/static/vendor/diff2html/diff2html.css?version=5.13.3"/>
|
|
|
|
</head>
|
|
<body id="home">
|
|
|
|
<!-- start masthead -->
|
|
<nav class="navbar navbar-light masthead p-0 navbar-expand">
|
|
<div class="container">
|
|
<a href="/" class="navbar-brand">
|
|
<img height="40" src="/theme/static/pagure-logo.png?version=5.13.3"
|
|
alt="pagure Logo" id="pagureLogo"/>
|
|
</a>
|
|
<ul class="navbar-nav ml-auto">
|
|
|
|
|
|
|
|
<li class="nav-item">
|
|
<a class="btn btn-primary" href="/login/?next=https://pagure.io/freeipa/c/d29b47512a39ada02fb371521994576cd9815a6c">Log In</a>
|
|
</li>
|
|
</ul>
|
|
</div>
|
|
</nav>
|
|
<!-- close masthead-->
|
|
|
|
<div class="bodycontent">
|
|
|
|
|
|
<div class="bg-light border border-bottom pt-3">
|
|
<div class="container">
|
|
<div class="row mb-3">
|
|
<div class="col-6">
|
|
<div class="row">
|
|
<div class="col-auto pr-0">
|
|
<h3>
|
|
<i class="fa fa-calendar-o fa-rotate-270 text-muted"></i></h3>
|
|
</div>
|
|
<div class="col-auto pl-2">
|
|
<h3 class="mb-0">
|
|
<a href="/freeipa"><strong>freeipa</strong></a>
|
|
</h3>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div class="col-6 text-right">
|
|
<div class="btn-group">
|
|
<div class="btn-group">
|
|
<a href="#"
|
|
class="btn btn-sm dropdown-toggle btn-outline-primary"
|
|
data-toggle="dropdown" id="watch-button">
|
|
<i class="fa fa-clone fa-fw"></i>
|
|
<span>Clone</span>
|
|
</a>
|
|
<div class="dropdown-menu dropdown-menu-right">
|
|
<div class="m-3" id="source-dropdown">
|
|
<div>
|
|
<h5><strong>Source Code</strong></h5>
|
|
|
|
<div class="form-group">
|
|
<div class="input-group input-group-sm">
|
|
<div class="input-group-prepend"><span class="input-group-text">GIT</span></div>
|
|
<input class="form-control bg-white select-on-focus" type="text" value="https://pagure.io/freeipa.git" readonly>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<ul class="nav nav-tabs nav-small border-bottom-0">
|
|
<li class="nav-item mr-2 text-dark">
|
|
<a class="nav-link active" href="/freeipa">
|
|
<i class="fa fa-code fa-fw text-muted"></i>
|
|
<span class="d-none d-md-inline">Source</span>
|
|
</a>
|
|
</li>
|
|
|
|
<li class="nav-item mr-2 text-dark">
|
|
<a class="nav-link" href="/freeipa/issues">
|
|
<i class="fa fa-fw text-muted fa-exclamation-circle"></i>
|
|
<span class="d-none d-md-inline">Issues </span>
|
|
<span class="badge badge-secondary py-0 d-none d-md-inline">
|
|
986
|
|
</span>
|
|
</a>
|
|
</li>
|
|
|
|
|
|
<li class="nav-item mr-2 text-dark">
|
|
<a class="nav-link" href="/freeipa/roadmap"
|
|
class="btn btn-outline-dark btn-sm">
|
|
<i class="fa fa-fw text-muted fa-map-signs"></i>
|
|
<span class="d-none d-md-inline">Roadmap </span>
|
|
</a>
|
|
</li>
|
|
|
|
|
|
<li class="nav-item mr-2 text-dark">
|
|
<a class="nav-link" href="/freeipa/stats">
|
|
<i class="fa fa-line-chart fa-fw text-muted"></i>
|
|
<span class="d-none d-md-inline">Stats</span>
|
|
</a>
|
|
</li>
|
|
|
|
|
|
</ul>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="container pt-5 repo-body-container">
|
|
<div class="row">
|
|
<div class="col">
|
|
<nav class="nav nav-tabs nav-sidetabs flex-column">
|
|
<a class=
|
|
"nav-link nowrap
|
|
"
|
|
href="/freeipa">
|
|
<i class="fa fa-home text-muted fa-fw"></i> <span class="d-none d-md-inline">Overview</span>
|
|
</a>
|
|
<a class=
|
|
"nav-link nowrap
|
|
"
|
|
href="/freeipa/tree">
|
|
<i class="fa fa-file-code-o text-muted fa-fw"></i> Files
|
|
</a>
|
|
<a class=
|
|
"nav-link nowrap
|
|
active"
|
|
href="/freeipa/commits">
|
|
<i class="fa fa-list-alt text-muted fa-fw" data-glyph="spreadsheet"></i> Commits
|
|
</a>
|
|
<a class=
|
|
"nav-link nowrap
|
|
"
|
|
href="/freeipa/branches">
|
|
<i class="fa fa-random text-muted fa-fw"></i> Branches
|
|
</a>
|
|
<a class=
|
|
"nav-link nowrap
|
|
"
|
|
href="/freeipa/forks">
|
|
<i class="fa fa-code-fork text-muted fa-fw"></i> Forks
|
|
</a>
|
|
<a class=
|
|
"nav-link nowrap
|
|
"
|
|
href="/freeipa/releases">
|
|
<i class="fa fa-tags text-muted fa-fw"></i> Releases
|
|
</a>
|
|
</nav> </div>
|
|
<div class="col-10">
|
|
<div class="d-flex">
|
|
<div>
|
|
<h4 class="font-weight-bold">
|
|
<span title="d29b47512a39ada02fb371521994576cd9815a6c"><code class="text-white bg-primary">d29b475</code></span>
|
|
<span>Upgrade: fix replica agreement</span>
|
|
</h4>
|
|
<h5 class="text-muted pt-1 mb-0">
|
|
Authored and Committed by <img class="avatar circle lazyload" src="https://seccdn.libravatar.org/avatar/1e52aaae9646f0f890f5f6c771cd060c66898d5fdf78e8a6021eb2b75e27ffe2?s=16&d=retro"/> <a title='Florence Blanc-Renaud' href='/user/frenaud' >frenaud</a>
|
|
<span title="2023-06-22 15:49:40 UTC" data-toggle="tooltip">7 days ago</span>
|
|
</h5>
|
|
</div>
|
|
<div class="ml-auto">
|
|
<div class="btn-group">
|
|
<a class="btn btn-outline-primary btn-sm" href="/freeipa/raw/d29b47512a39ada02fb371521994576cd9815a6c" title="View as raw">raw</a>
|
|
<a class="btn btn-outline-primary btn-sm" href="/freeipa/c/d29b47512a39ada02fb371521994576cd9815a6c.patch">patch</a>
|
|
<a class="btn btn-outline-primary btn-sm" href="/freeipa/tree/d29b47512a39ada02fb371521994576cd9815a6c">tree</a>
|
|
<a class="btn btn-outline-primary btn-sm" title=356ec5cbfe0876686239f938bdf54892dc30571e href="/freeipa/c/356ec5cbfe0876686239f938bdf54892dc30571e">parent</a>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="card border-0 mb-3">
|
|
<div class="card-header border-0 bg-white font-weight-bold p-0">
|
|
<a href="#commit-overview-collapse" data-toggle="collapse" data-target="#commit-overview-collapse">1 file changed.</a>
|
|
<span class="text-success">38 lines added</span>.
|
|
<span class="text-danger">42 lines removed</span>.
|
|
</div>
|
|
<div class="card-body p-0 collapse" id="commit-overview-collapse">
|
|
<div class="list-group ">
|
|
<a href="#_1" class="list-group-item list-group-item-action">
|
|
<div class="d-flex">
|
|
<div class="font-weight-bold">
|
|
ipaserver/install/plugins/fix_replica_agreements.py
|
|
</div>
|
|
<div class="ml-auto font-weight-bold">
|
|
<span class="font-weight-bold btn btn-sm btn-outline-secondary border-0 disabled opacity-100">file modified</span>
|
|
<div class="btn-group">
|
|
<span class="font-weight-bold btn btn-sm btn-success disabled opacity-100">+38</span>
|
|
<span class="font-weight-bold btn btn-sm btn-danger disabled opacity-100">-42</span>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</a> </div>
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<div class="m-y-1">
|
|
<pre class="commit_message_body">
|
|
Upgrade: fix replica agreement
|
|
|
|
The upgrade checks the replication agreements to ensure that
|
|
some attributes are excluded from replication. The agreements
|
|
are stored in entries like
|
|
cn=serverToreplica,cn=replica,cn=_suffix_,cn=mapping tree,cn=config
|
|
but those entries are managed by the replication topology plugin
|
|
and should not be updated directly. The consequence is that the update
|
|
of the attributes fails and ipa-server-update prints an error message:
|
|
|
|
Error caught updating nsDS5ReplicatedAttributeList: Server is unwilling
|
|
to perform: Entry and attributes are managed by topology <a href="http://plugin.No" rel="nofollow">plugin.No</a> direct
|
|
modifications allowed.
|
|
Error caught updating nsDS5ReplicatedAttributeListTotal: Server is
|
|
unwilling to perform: Entry and attributes are managed by topology
|
|
<a href="http://plugin.No" rel="nofollow">plugin.No</a> direct modifications allowed.
|
|
|
|
The upgrade continues but the replication is not excluding
|
|
passwordgraceusertime.
|
|
|
|
Instead of editing the agreements, perform the modifications on
|
|
the topology segments.
|
|
|
|
Fixes: <a href="https://pagure.io/freeipa/issue/9385" rel="nofollow">https://pagure.io/freeipa/issue/9385</a>
|
|
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
|
|
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
|
|
|
|
</pre>
|
|
</div>
|
|
|
|
|
|
|
|
|
|
|
|
<section class="commit_diff">
|
|
<div class="card mt-3" id="_1">
|
|
<div class="card-header">
|
|
<div class="d-flex align-items-center">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<div>
|
|
<a class="font-weight-bold ml-2" href="/freeipa/blob/d29b47512a39ada02fb371521994576cd9815a6c/f/ipaserver/install/plugins/fix_replica_agreements.py"
|
|
title="View file as of d29b475">ipaserver/install/plugins/fix_replica_agreements.py</a>
|
|
|
|
</div>
|
|
<div class="d-flex align-items-center ml-auto">
|
|
<div class="btn btn-outline-secondary disabled opacity-100 border-0 font-weight-bold">file modified</div>
|
|
|
|
<div class="btn-group">
|
|
<span class="btn btn-success btn-sm font-weight-bold disabled opacity-100">+38</span>
|
|
<span class="btn btn-danger btn-sm font-weight-bold disabled opacity-100">-42</span>
|
|
</div>
|
|
|
|
<a class="btn btn-outline-primary btn-sm ml-2" href="/freeipa/blob/d29b47512a39ada02fb371521994576cd9815a6c/f/ipaserver/install/plugins/fix_replica_agreements.py"
|
|
title="View file as of d29b475">
|
|
<i class="fa fa-file-code-o fa-fw"></i>
|
|
</a>
|
|
|
|
<a href="diff2html_1" class="btn btn-sm btn-outline-primary diffcollapse ml-2" data-toggle="collapse" data-target="#diff2html_1">
|
|
<i class="fa fa-fw fa-caret-up"></i>
|
|
</a>
|
|
|
|
</div></div>
|
|
</div>
|
|
<div class="diff2html-output collapse show" data-diffno="1" id="diff2html_1"></div>
|
|
|
|
</div>
|
|
</section>
|
|
|
|
|
|
</div>
|
|
</div>
|
|
|
|
|
|
</div>
|
|
</div>
|
|
|
|
<div class="footer pt-4 text-white">
|
|
<div class="container">
|
|
<div class="d-flex align-items-center">
|
|
<div>
|
|
<div>Powered by <a href="https://pagure.io/pagure" class="notblue">Pagure</a> 5.13.3</div>
|
|
<div>
|
|
<a href="https://docs.pagure.org/pagure/usage/index.html" class="notblue">Documentation</a> •
|
|
<a href="https://pagure.io/pagure/new_issue" class="notblue">File an Issue</a> •
|
|
<a href="/about">About</a> •
|
|
<a href="/ssh_info" class="notblue">SSH Hostkey/Fingerprint</a>
|
|
</div>
|
|
</div>
|
|
<div class="ml-auto text-right">
|
|
<div>© Red Hat, Inc. and others.</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/jquery/jquery.min.js?version=5.13.3"></script>
|
|
|
|
<script src="/static/vendor/bootstrap/bootstrap.bundle.min.js?version=5.13.3"></script>
|
|
|
|
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC">
|
|
$('[data-toggle="tooltip"]').tooltip({placement : 'bottom'});
|
|
$(".cancel_btn").click(function() {
|
|
history.back();
|
|
});
|
|
</script>
|
|
|
|
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/lazyload/lazyload.min.js?version=5.13.3"></script>
|
|
|
|
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC">
|
|
window.addEventListener("load", function(event) {
|
|
lazyload();
|
|
});
|
|
</script>
|
|
|
|
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC">
|
|
$("#giturl-toggle").on('click', function(event){
|
|
event.stopPropagation();
|
|
$("#giturl-more").toggle();
|
|
$("#giturl-toggle").hide();
|
|
})
|
|
|
|
$(".fork_project_btn").click(function() {
|
|
$('#fork_project').submit();
|
|
});
|
|
|
|
$(".select-on-focus").on("focus", function() {
|
|
$(this).select();
|
|
});
|
|
|
|
</script>
|
|
|
|
|
|
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/diff2html/diff2html.min.js?version=5.13.3"></script>
|
|
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/highlight.js/highlight.pack.js?version=5.13.3"></script>
|
|
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/highlight.js/spec.js?version=5.13.3"></script>
|
|
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/diff2html/diff2html-ui.min.js?version=5.13.3"></script>
|
|
|
|
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC">
|
|
$(document).ready(function() {
|
|
$(".diffcollapse").click(function(e){
|
|
$(this).find("i").toggleClass("fa-caret-down fa-caret-up")
|
|
});
|
|
});
|
|
$(function(){
|
|
$('#diff_list_link').click(function(){
|
|
$('#diff_list').toggle();
|
|
});
|
|
});
|
|
$.ajax({
|
|
url: '/freeipa/c/d29b47512a39ada02fb371521994576cd9815a6c.diff?js=True' ,
|
|
type: 'GET',
|
|
dataType: 'json',
|
|
success: function(res) {
|
|
$(".diff2html-output").each(function(){
|
|
var diffString = res[$(this).attr("data-diffno")];
|
|
var diff2htmlUi = new Diff2HtmlUI({diff: diffString});
|
|
diff2htmlUi.draw('#diff2html_'+$(this).attr("data-diffno"), {inputFormat: 'diff'});
|
|
diff2htmlUi.highlightCode('#diff2html_'+$(this).attr("data-diffno"));
|
|
|
|
});
|
|
}
|
|
});
|
|
|
|
$.ajax({
|
|
url: '/pv/branches/commit/' ,
|
|
type: 'POST',
|
|
data: {
|
|
repo: "freeipa",
|
|
repouser: "",
|
|
namespace: "",
|
|
commit_id: "d29b47512a39ada02fb371521994576cd9815a6c",
|
|
csrf_token: "IjBlMjNjZTVhYTU0ZTdiNDg1ODAyM2E4YjRmM2NmZjBhZjkwZTM0ZjQi.F394iA.hp0mU_A319AwGFwaTxBoPMzh1VQ",
|
|
},
|
|
dataType: 'json',
|
|
success: function(res) {
|
|
if (res.branches.length == 0){
|
|
return;
|
|
}
|
|
var _br = '';
|
|
for (var i = 0; i < res.branches.length; ++i) {
|
|
if (_br.length > 0){
|
|
_br += ', ';
|
|
}
|
|
_br += res.branches[i]
|
|
}
|
|
var el = $('#diff-file-1');
|
|
if (!el){
|
|
return;
|
|
}
|
|
el.before(
|
|
'<div class=""><i class="fa fa-code-fork"></i> '
|
|
+ _br + '</div>');
|
|
}
|
|
});
|
|
</script>
|
|
|
|
</body>
|
|
</html>From 93d97b59600c15e5028ee39b0e98450544165158 Mon Sep 17 00:00:00 2001
|
|
From: Florence Blanc-Renaud <flo@redhat.com>
|
|
Date: Jun 22 2023 15:49:40 +0000
|
|
Subject: Integration tests: add a test to ipa-server-upgrade
|
|
|
|
|
|
Add an integration test ensuring that the upgrade
|
|
properly updates the attributes to be excluded from
|
|
replication.
|
|
|
|
Related: https://pagure.io/freeipa/issue/9385
|
|
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
|
|
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
|
|
|
|
---
|
|
|
|
diff --git a/ipatests/test_integration/test_simple_replication.py b/ipatests/test_integration/test_simple_replication.py
|
|
index 17092a4..d1e65ef 100644
|
|
--- a/ipatests/test_integration/test_simple_replication.py
|
|
+++ b/ipatests/test_integration/test_simple_replication.py
|
|
@@ -23,8 +23,10 @@ import pytest
|
|
|
|
from ipaplatform.paths import paths
|
|
from ipapython.dn import DN
|
|
+from ipaserver.install.replication import EXCLUDES
|
|
from ipatests.pytest_ipa.integration import tasks
|
|
from ipatests.test_integration.base import IntegrationTest
|
|
+from ipatests.test_integration.test_topology import find_segment
|
|
|
|
|
|
def check_replication(source_host, dest_host, login):
|
|
@@ -104,6 +106,34 @@ class TestSimpleReplication(IntegrationTest):
|
|
[paths.IPA_CUSTODIA_CHECK, self.master.hostname]
|
|
)
|
|
|
|
+ def test_fix_agreements(self):
|
|
+ """Test that upgrade fixes the list of attributes excluded from repl
|
|
+
|
|
+ Test for ticket 9385
|
|
+ """
|
|
+ # Prepare the server by removing some values from
|
|
+ # from the nsDS5ReplicatedAttributeList
|
|
+ segment = find_segment(self.master, self.replicas[0], "domain")
|
|
+ self.master.run_command([
|
|
+ "ipa", "topologysegment-mod", "domain", segment,
|
|
+ "--replattrs",
|
|
+ "(objectclass=*) $ EXCLUDE memberof idnssoaserial entryusn"])
|
|
+ # Run the upgrade
|
|
+ result = self.master.run_command(["ipa-server-upgrade"])
|
|
+ # Ensure that the upgrade updated the attribute without error
|
|
+ errmsg = "Error caught updating nsDS5ReplicatedAttributeList"
|
|
+ assert errmsg not in result.stdout_text
|
|
+ # Check the updated value
|
|
+ suffix = DN(self.master.domain.basedn)
|
|
+ dn = DN(('cn', str(suffix)), ('cn', 'mapping tree'), ('cn', 'config'))
|
|
+ result = tasks.ldapsearch_dm(self.master, str(dn),
|
|
+ ["nsDS5ReplicatedAttributeList"])
|
|
+ output = result.stdout_text.lower()
|
|
+
|
|
+ template = 'nsDS5ReplicatedAttributeList: (objectclass=*) $ EXCLUDE %s'
|
|
+ expected_value = template % " ".join(EXCLUDES)
|
|
+ assert expected_value.lower() in output
|
|
+
|
|
def test_replica_removal(self):
|
|
"""Test replica removal"""
|
|
result = self.master.run_command(['ipa-replica-manage', 'list'])
|
|
|