From 0df0907537d53f731e5ffc833a7c8d2e2d1a51f7 Mon Sep 17 00:00:00 2001
From: Martin Basti <mbasti@redhat.com>
Date: Mon, 10 Aug 2015 10:53:28 +0200
Subject: [PATCH] Fix upgrade of sidgen and extdom plugins

If configuration entries already exist, upgrade will not add them
again.

https://fedorahosted.org/freeipa/ticket/5151

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
---
 ipaserver/install/dsinstance.py     | 28 +++++++++++++++++++++++++---
 ipaserver/install/server/upgrade.py |  9 ++++++---
 2 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index b2558024f0b345700bc544757e0eecd8b1052a1d..f33a9e03a4148dde69fc61441c878f5126f8e455 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -925,20 +925,42 @@ class DsInstance(service.Service):
     def __add_range_check_plugin(self):
         self._ldap_mod("range-check-conf.ldif", self.sub_dict)
 
-    # These two methods are not local, they are also called from the upgrade code
     def _add_sidgen_plugin(self):
         """
         Add sidgen directory server plugin configuration if it does not already exist.
         """
         self._ldap_mod('ipa-sidgen-conf.ldif', self.sub_dict)
 
+    def add_sidgen_plugin(self):
+        """
+        Add sidgen plugin configuration only if it does not already exist.
+        """
+        dn = DN('cn=IPA SIDGEN,cn=plugins,cn=config')
+        try:
+            self.admin_conn.get_entry(dn)
+        except errors.NotFound:
+            self._add_sidgen_plugin()
+        else:
+            root_logger.debug("sidgen plugin is already configured")
+
     def _add_extdom_plugin(self):
         """
-        Add directory server configuration for the extdom extended operation
-        if it does not already exist.
+        Add directory server configuration for the extdom extended operation.
         """
         self._ldap_mod('ipa-extdom-extop-conf.ldif', self.sub_dict)
 
+    def add_extdom_plugin(self):
+        """
+        Add extdom configuration if it does not already exist.
+        """
+        dn = DN('cn=ipa_extdom_extop,cn=plugins,cn=config')
+        try:
+            self.admin_conn.get_entry(dn)
+        except errors.NotFound:
+            self._add_extdom_plugin()
+        else:
+            root_logger.debug("extdom plugin is already configured")
+
     def replica_populate(self):
         self.ldap_connect()
 
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
index f295655dc2aa592e0215f15017c9b65af49eef80..037127918cb4c205c5049446989bfdaa674967a4 100644
--- a/ipaserver/install/server/upgrade.py
+++ b/ipaserver/install/server/upgrade.py
@@ -1261,11 +1261,11 @@ def ds_enable_sidgen_extdom_plugins(ds):
     root_logger.info('[Enable sidgen and extdom plugins by default]')
 
     if sysupgrade.get_upgrade_state('ds', 'enable_ds_sidgen_extdom_plugins'):
-        root_logger.info('sidgen and extdom plugins are enabled already')
+        root_logger.debug('sidgen and extdom plugins are enabled already')
         return
 
-    ds._add_sidgen_plugin()
-    ds._add_extdom_plugin()
+    ds.add_sidgen_plugin()
+    ds.add_extdom_plugin()
     sysupgrade.set_upgrade_state('ds', 'enable_ds_sidgen_extdom_plugins', True)
 
 def ca_upgrade_schema(ca):
@@ -1415,7 +1415,10 @@ def upgrade_configuration():
     ds.fqdn = fqdn
     ds.realm = api.env.realm
     ds.suffix = ipautil.realm_to_suffix(api.env.realm)
+
+    ds.ldap_connect()
     ds_enable_sidgen_extdom_plugins(ds)
+    ds.ldap_disconnect()
 
     # Now 389-ds is available, run the remaining http tasks
     if not http.is_kdcproxy_configured():
-- 
2.4.3