From 761257efc18f9f5efedae110ba8cfa5feeb9f8f7 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Mon, 12 Jan 2015 15:37:33 +0000
Subject: [PATCH] Remove RUV from LDIF files before using them in ipa-restore

https://fedorahosted.org/freeipa/ticket/4822

Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
---
 ipaserver/install/ipa_restore.py | 36 +++++++++++++++++++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py
index f3a60fcc7a60c38c0d2ae1e52fc4fe7712411ec1..cd98d07f5f7c7b2ea1b1fef9a272229475efcdc9 100644
--- a/ipaserver/install/ipa_restore.py
+++ b/ipaserver/install/ipa_restore.py
@@ -24,6 +24,7 @@ import tempfile
 import time
 import pwd
 from ConfigParser import SafeConfigParser
+import ldif
 
 from ipalib import api, errors
 from ipapython import version, ipautil, certdb, dogtag
@@ -94,6 +95,32 @@ def decrypt_file(tmpdir, filename, keyring):
     return dest
 
 
+class RemoveRUVParser(ldif.LDIFParser):
+    def __init__(self, input_file, writer, logger):
+        ldif.LDIFParser.__init__(self, input_file)
+        self.writer = writer
+        self.log = logger
+
+    def handle(self, dn, entry):
+        objectclass = None
+        nsuniqueid = None
+
+        for name, value in entry.iteritems():
+            name = name.lower()
+            if name == 'objectclass':
+                objectclass = [x.lower() for x in value]
+            elif name == 'nsuniqueid':
+                nsuniqueid = [x.lower() for x in value]
+
+        if (objectclass and nsuniqueid and
+            'nstombstone' in objectclass and
+            'ffffffff-ffffffff-ffffffff-ffffffff' in nsuniqueid):
+            self.log.debug("Removing RUV entry %s", dn)
+            return
+
+        self.writer.unparse(dn, entry)
+
+
 class Restore(admintool.AdminTool):
     command_name = 'ipa-restore'
     log_file_name = paths.IPARESTORE_LOG
@@ -447,7 +474,14 @@ class Restore(admintool.AdminTool):
         dn = DN(('cn', cn), ('cn', 'import'), ('cn', 'tasks'), ('cn', 'config'))
 
         ldifname = '%s-%s.ldif' % (instance, backend)
-        ldiffile = os.path.join(self.dir, ldifname)
+        srcldiffile = os.path.join(self.dir, ldifname)
+        ldiffile = '%s.noruv' % srcldiffile
+
+        with open(ldiffile, 'wb') as out_file:
+            ldif_writer = ldif.LDIFWriter(out_file)
+            with open(srcldiffile, 'rb') as in_file:
+                ldif_parser = RemoveRUVParser(in_file, ldif_writer, self.log)
+                ldif_parser.parse()
 
         if online:
             conn = self.get_connection()
-- 
2.1.0