zrhoffman / rpms / 389-ds-base

Forked from rpms/389-ds-base 3 years ago
Clone
Blob Blame History Raw
From d116dd899b4ad64b0ab14f3e153e76a95f54937e Mon Sep 17 00:00:00 2001
From: German Parente <gparente@redhat.com>
Date: Sun, 28 Oct 2018 16:29:09 +0100
Subject: [PATCH] Ticket 49997 RFE: ds-replcheck could validate suffix exists
 and it's replicated

Bug Description:

seen at customer site, as first request to ldap database is the RUV, if the suffix provided in the command line does not exist or it's not replicated, we have an error message that it's regarding the RUV:

ds-replcheck -D "cn=directory manager" -w secret12 -b "o=ipaca" -r ldap://ipamaster.germanparente.local:389 -m ldap://ipareplica.germanparente.local
Performing online report...
Connecting to servers...
Gathering Master's RUV...
Error: Failed to get Master RUV entry: {'desc': 'No such object'}

Fix Description:

add function to validate suffix exists and it's replicated

https://pagure.io/389-ds-base/issue/49997

Author: German Parente <gparente@redhat.com>

Review by: ???
---
 ldap/admin/src/scripts/ds-replcheck | 32 +++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/ldap/admin/src/scripts/ds-replcheck b/ldap/admin/src/scripts/ds-replcheck
index e18465dc0..57748b09f 100755
--- a/ldap/admin/src/scripts/ds-replcheck
+++ b/ldap/admin/src/scripts/ds-replcheck
@@ -816,6 +816,30 @@ def check_for_diffs(mentries, mglue, rentries, rglue, report, opts):
 
     return report
 
+def validate_suffix(ldapnode, suffix, hostname):
+   # Validate suffix exists
+   try:
+      master_basesuffix = ldapnode.search_s(suffix, ldap.SCOPE_BASE )
+   except ldap.NO_SUCH_OBJECT:
+      print("Error: Failed to validate suffix in {}. {} does not exist.".format(hostname, suffix))
+      return False
+   except ldap.LDAPError as e:
+      print("Error: failed to validate suffix in {} ({}). ".format(hostname, str(e)))
+      return False
+
+   # Check suffix is replicated
+   try:
+      replica_filter = "(&(objectclass=nsds5replica)(nsDS5ReplicaRoot=%s))" % suffix
+      master_replica = ldapnode.search_s("cn=config",ldap.SCOPE_SUBTREE,replica_filter)
+      if (len(master_replica) != 1):
+        print("Error: Failed to validate suffix in {}. {} is not replicated.".format(hostname, suffix))
+        return False
+   except ldap.LDAPError as e:
+      print("Error: failed to validate suffix in {} ({}). ".format(hostname, str(e)))
+      return False
+
+   return True
+
 
 def connect_to_replicas(opts):
     ''' Start the paged results searches
@@ -888,6 +912,14 @@ def connect_to_replicas(opts):
               "Please check your credentials and LDAP urls are correct.".format(str(e)))
         exit(1)
 
+    # Validate suffix
+    print ("Validating suffix ...")
+    if not validate_suffix(master, opts['suffix'], opts['mhost']):
+      exit(1)
+
+    if not validate_suffix(replica,opts['suffix'], opts['rhost']):
+      exit(1)
+
     # Get the RUVs
     print ("Gathering Master's RUV...")
     try:
-- 
2.17.2