From 0df0907537d53f731e5ffc833a7c8d2e2d1a51f7 Mon Sep 17 00:00:00 2001

From: Martin Basti <mbasti@redhat.com>

Date: Mon, 10 Aug 2015 10:53:28 +0200

Subject: [PATCH] Fix upgrade of sidgen and extdom plugins

If configuration entries already exist, upgrade will not add them

again.

https://fedorahosted.org/freeipa/ticket/5151

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>

---

 ipaserver/install/dsinstance.py     | 28 +++++++++++++++++++++++++---

 ipaserver/install/server/upgrade.py |  9 ++++++---

 2 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py

index b2558024f0b345700bc544757e0eecd8b1052a1d..f33a9e03a4148dde69fc61441c878f5126f8e455 100644

--- a/ipaserver/install/dsinstance.py

+++ b/ipaserver/install/dsinstance.py

@@ -925,20 +925,42 @@ class DsInstance(service.Service):

     def __add_range_check_plugin(self):

         self._ldap_mod("range-check-conf.ldif", self.sub_dict)

-    # These two methods are not local, they are also called from the upgrade code

     def _add_sidgen_plugin(self):

         """

         Add sidgen directory server plugin configuration if it does not already exist.

         """

         self._ldap_mod('ipa-sidgen-conf.ldif', self.sub_dict)

+    def add_sidgen_plugin(self):

+        """

+        Add sidgen plugin configuration only if it does not already exist.

+        """

+        dn = DN('cn=IPA SIDGEN,cn=plugins,cn=config')

+        try:

+            self.admin_conn.get_entry(dn)

+        except errors.NotFound:

+            self._add_sidgen_plugin()

+        else:

+            root_logger.debug("sidgen plugin is already configured")

+

     def _add_extdom_plugin(self):

         """

-        Add directory server configuration for the extdom extended operation

-        if it does not already exist.

+        Add directory server configuration for the extdom extended operation.

         """

         self._ldap_mod('ipa-extdom-extop-conf.ldif', self.sub_dict)

+    def add_extdom_plugin(self):

+        """

+        Add extdom configuration if it does not already exist.

+        """

+        dn = DN('cn=ipa_extdom_extop,cn=plugins,cn=config')

+        try:

+            self.admin_conn.get_entry(dn)

+        except errors.NotFound:

+            self._add_extdom_plugin()

+        else:

+            root_logger.debug("extdom plugin is already configured")

+

     def replica_populate(self):

         self.ldap_connect()

diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py

index f295655dc2aa592e0215f15017c9b65af49eef80..037127918cb4c205c5049446989bfdaa674967a4 100644

--- a/ipaserver/install/server/upgrade.py

+++ b/ipaserver/install/server/upgrade.py

@@ -1261,11 +1261,11 @@ def ds_enable_sidgen_extdom_plugins(ds):

     root_logger.info('[Enable sidgen and extdom plugins by default]')

     if sysupgrade.get_upgrade_state('ds', 'enable_ds_sidgen_extdom_plugins'):

-        root_logger.info('sidgen and extdom plugins are enabled already')

+        root_logger.debug('sidgen and extdom plugins are enabled already')

         return

-    ds._add_sidgen_plugin()

-    ds._add_extdom_plugin()

+    ds.add_sidgen_plugin()

+    ds.add_extdom_plugin()

     sysupgrade.set_upgrade_state('ds', 'enable_ds_sidgen_extdom_plugins', True)

 def ca_upgrade_schema(ca):

@@ -1415,7 +1415,10 @@ def upgrade_configuration():

     ds.fqdn = fqdn

     ds.realm = api.env.realm

     ds.suffix = ipautil.realm_to_suffix(api.env.realm)

+

+    ds.ldap_connect()

     ds_enable_sidgen_extdom_plugins(ds)

+    ds.ldap_disconnect()

     # Now 389-ds is available, run the remaining http tasks

     if not http.is_kdcproxy_configured():

-- 

2.4.3