andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone

Blame SOURCES/0022-Ticket-49997-RFE-ds-replcheck-could-validate-suffix-.patch

26521d
From d116dd899b4ad64b0ab14f3e153e76a95f54937e Mon Sep 17 00:00:00 2001
26521d
From: German Parente <gparente@redhat.com>
26521d
Date: Sun, 28 Oct 2018 16:29:09 +0100
26521d
Subject: [PATCH] Ticket 49997 RFE: ds-replcheck could validate suffix exists
26521d
 and it's replicated
26521d
26521d
Bug Description:
26521d
26521d
seen at customer site, as first request to ldap database is the RUV, if the suffix provided in the command line does not exist or it's not replicated, we have an error message that it's regarding the RUV:
26521d
26521d
ds-replcheck -D "cn=directory manager" -w secret12 -b "o=ipaca" -r ldap://ipamaster.germanparente.local:389 -m ldap://ipareplica.germanparente.local
26521d
Performing online report...
26521d
Connecting to servers...
26521d
Gathering Master's RUV...
26521d
Error: Failed to get Master RUV entry: {'desc': 'No such object'}
26521d
26521d
Fix Description:
26521d
26521d
add function to validate suffix exists and it's replicated
26521d
26521d
https://pagure.io/389-ds-base/issue/49997
26521d
26521d
Author: German Parente <gparente@redhat.com>
26521d
26521d
Review by: ???
26521d
---
26521d
 ldap/admin/src/scripts/ds-replcheck | 32 +++++++++++++++++++++++++++++
26521d
 1 file changed, 32 insertions(+)
26521d
26521d
diff --git a/ldap/admin/src/scripts/ds-replcheck b/ldap/admin/src/scripts/ds-replcheck
26521d
index e18465dc0..57748b09f 100755
26521d
--- a/ldap/admin/src/scripts/ds-replcheck
26521d
+++ b/ldap/admin/src/scripts/ds-replcheck
26521d
@@ -816,6 +816,30 @@ def check_for_diffs(mentries, mglue, rentries, rglue, report, opts):
26521d
 
26521d
     return report
26521d
 
26521d
+def validate_suffix(ldapnode, suffix, hostname):
26521d
+   # Validate suffix exists
26521d
+   try:
26521d
+      master_basesuffix = ldapnode.search_s(suffix, ldap.SCOPE_BASE )
26521d
+   except ldap.NO_SUCH_OBJECT:
26521d
+      print("Error: Failed to validate suffix in {}. {} does not exist.".format(hostname, suffix))
26521d
+      return False
26521d
+   except ldap.LDAPError as e:
26521d
+      print("Error: failed to validate suffix in {} ({}). ".format(hostname, str(e)))
26521d
+      return False
26521d
+
26521d
+   # Check suffix is replicated
26521d
+   try:
26521d
+      replica_filter = "(&(objectclass=nsds5replica)(nsDS5ReplicaRoot=%s))" % suffix
26521d
+      master_replica = ldapnode.search_s("cn=config",ldap.SCOPE_SUBTREE,replica_filter)
26521d
+      if (len(master_replica) != 1):
26521d
+        print("Error: Failed to validate suffix in {}. {} is not replicated.".format(hostname, suffix))
26521d
+        return False
26521d
+   except ldap.LDAPError as e:
26521d
+      print("Error: failed to validate suffix in {} ({}). ".format(hostname, str(e)))
26521d
+      return False
26521d
+
26521d
+   return True
26521d
+
26521d
 
26521d
 def connect_to_replicas(opts):
26521d
     ''' Start the paged results searches
26521d
@@ -888,6 +912,14 @@ def connect_to_replicas(opts):
26521d
               "Please check your credentials and LDAP urls are correct.".format(str(e)))
26521d
         exit(1)
26521d
 
26521d
+    # Validate suffix
26521d
+    print ("Validating suffix ...")
26521d
+    if not validate_suffix(master, opts['suffix'], opts['mhost']):
26521d
+      exit(1)
26521d
+
26521d
+    if not validate_suffix(replica,opts['suffix'], opts['rhost']):
26521d
+      exit(1)
26521d
+
26521d
     # Get the RUVs
26521d
     print ("Gathering Master's RUV...")
26521d
     try:
26521d
-- 
26521d
2.17.2
26521d