areguera / rpms / ipa

Forked from rpms/ipa 5 years ago
Clone

Blame SOURCES/0074-DS-replication-settings-fix-regression-with-3.3-mast.patch

2737e7
From 35d8d61d53c9d99ae8a04365faa510535921ae48 Mon Sep 17 00:00:00 2001
2737e7
From: Florence Blanc-Renaud <flo@redhat.com>
2737e7
Date: Tue, 21 Aug 2018 11:37:17 +0200
2737e7
Subject: [PATCH] DS replication settings: fix regression with <3.3 master
2737e7
2737e7
Commit 811b0fdb4620938963f1a29d3fdd22257327562c introduced a regression
2737e7
when configuring replication with a master < 3.3
2737e7
Even if 389-ds schema is extended with nsds5ReplicaReleaseTimeout,
2737e7
nsds5ReplicaBackoffMax and nsDS5ReplicaBindDnGroupCheckInterval
2737e7
attributes, it will return UNWILLING_TO_PERFORM when a mod
2737e7
operation is performed on the cn=replica entry.
2737e7
2737e7
This patch ignores the error and logs a debug msg.
2737e7
2737e7
See: https://pagure.io/freeipa/issue/7617
2737e7
Reviewed-By: Christian Heimes <cheimes@redhat.com>
2737e7
---
2737e7
 ipaserver/install/replication.py | 16 +++++++++++++++-
2737e7
 1 file changed, 15 insertions(+), 1 deletion(-)
2737e7
2737e7
diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py
2737e7
index ffda9a182f840317d96f1b3b914b38233022fb5b..be738b249e36ca98fb2eea9e4730cefd0d30a3ee 100644
2737e7
--- a/ipaserver/install/replication.py
2737e7
+++ b/ipaserver/install/replication.py
2737e7
@@ -21,6 +21,7 @@ from __future__ import print_function, absolute_import
2737e7
 
2737e7
 import itertools
2737e7
 
2737e7
+import re
2737e7
 import six
2737e7
 import time
2737e7
 import datetime
2737e7
@@ -598,7 +599,20 @@ class ReplicationManager(object):
2737e7
             r_conn.simple_bind(r_binddn, r_bindpw)
2737e7
         else:
2737e7
             r_conn.gssapi_bind()
2737e7
-        self._finalize_replica_settings(r_conn)
2737e7
+        # If the remote server has 389-ds < 1.3, it does not
2737e7
+        # support the attributes we are trying to set.
2737e7
+        # Find which 389-ds is installed
2737e7
+        rootdse = r_conn.get_entry(DN(''), ['vendorVersion'])
2737e7
+        version = rootdse.single_value.get('vendorVersion')
2737e7
+        mo = re.search(r'(\d+)\.(\d+)\.(\d+)[\.\d]*', version)
2737e7
+        vendor_version = tuple(int(v) for v in mo.groups())
2737e7
+        if vendor_version >= (1, 3, 0):
2737e7
+            # 389-ds understands the replication attributes,
2737e7
+            # we can safely modify them
2737e7
+            self._finalize_replica_settings(r_conn)
2737e7
+        else:
2737e7
+            root_logger.debug("replication attributes not supported "
2737e7
+                         "on remote master, skipping update.")
2737e7
         r_conn.close()
2737e7
 
2737e7
     def setup_chaining_backend(self, conn):
2737e7
-- 
2737e7
2.17.1
2737e7