|
 |
34b659 |
From 3ff9fc2141e16e7cbd4fa30c16d60e915c2c3ee4 Mon Sep 17 00:00:00 2001
|
|
|
34b659 |
From: Martin Babinsky <mbabinsk@redhat.com>
|
|
|
34b659 |
Date: Wed, 7 Dec 2016 14:00:09 +0100
|
|
|
34b659 |
Subject: [PATCH] add missing attribute to ipaca replica during CA topology
|
|
|
34b659 |
update
|
|
|
34b659 |
|
|
|
34b659 |
'nsds5replicabinddngroupcheckinterval' attribute was not properly added
|
|
|
34b659 |
to 'o=ipaca' replica attribute during upgrade. The CA topology update
|
|
|
34b659 |
plugin should now add it to the entry if it exists.
|
|
|
34b659 |
|
|
|
34b659 |
https://fedorahosted.org/freeipa/ticket/6508
|
|
|
34b659 |
|
|
|
34b659 |
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
|
|
34b659 |
---
|
|
|
34b659 |
ipaserver/install/plugins/update_ca_topology.py | 22 ++++++++++++++++++++++
|
|
|
34b659 |
1 file changed, 22 insertions(+)
|
|
|
34b659 |
|
|
|
34b659 |
diff --git a/ipaserver/install/plugins/update_ca_topology.py b/ipaserver/install/plugins/update_ca_topology.py
|
|
|
34b659 |
index d76849bf9de46b1e4ad52dbae7081b4d3aec5273..f82926b19175c3fd42bd794205ec4216fc776707 100644
|
|
|
34b659 |
--- a/ipaserver/install/plugins/update_ca_topology.py
|
|
|
34b659 |
+++ b/ipaserver/install/plugins/update_ca_topology.py
|
|
|
34b659 |
@@ -2,8 +2,10 @@
|
|
|
34b659 |
# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
|
|
|
34b659 |
#
|
|
|
34b659 |
|
|
|
34b659 |
+from ipalib import errors
|
|
|
34b659 |
from ipalib import Registry
|
|
|
34b659 |
from ipalib import Updater
|
|
|
34b659 |
+from ipapython.dn import DN
|
|
|
34b659 |
from ipaserver.install import certs, cainstance
|
|
|
34b659 |
from ipaserver.install import ldapupdate
|
|
|
34b659 |
from ipaplatform.paths import paths
|
|
|
34b659 |
@@ -31,4 +33,24 @@ class update_ca_topology(Updater):
|
|
|
34b659 |
|
|
|
34b659 |
ld.update([paths.CA_TOPOLOGY_ULDIF])
|
|
|
34b659 |
|
|
|
34b659 |
+ ldap = self.api.Backend.ldap2
|
|
|
34b659 |
+
|
|
|
34b659 |
+ ca_replica_dn = DN(
|
|
|
34b659 |
+ ('cn', 'replica'),
|
|
|
34b659 |
+ ('cn', 'o=ipaca'),
|
|
|
34b659 |
+ ('cn', 'mapping tree'),
|
|
|
34b659 |
+ ('cn', 'config'))
|
|
|
34b659 |
+
|
|
|
34b659 |
+ check_interval_attr = 'nsds5replicabinddngroupcheckinterval'
|
|
|
34b659 |
+ default_check_interval = ['60']
|
|
|
34b659 |
+
|
|
|
34b659 |
+ try:
|
|
|
34b659 |
+ ca_replica_entry = ldap.get_entry(ca_replica_dn)
|
|
|
34b659 |
+ except errors.NotFound:
|
|
|
34b659 |
+ pass
|
|
|
34b659 |
+ else:
|
|
|
34b659 |
+ if check_interval_attr not in ca_replica_entry:
|
|
|
34b659 |
+ ca_replica_entry[check_interval_attr] = default_check_interval
|
|
|
34b659 |
+ ldap.update_entry(ca_replica_entry)
|
|
|
34b659 |
+
|
|
|
34b659 |
return False, []
|
|
|
34b659 |
--
|
|
|
34b659 |
2.7.4
|
|
|
34b659 |
|