Ondrej Hamada wrote:
On 11/29/2011 03:46 PM, Ondrej Hamada wrote:
https://fedorahosted.org/freeipa/ticket/2045
'ipa pwpolicy-find' output is now sorted by priority of the policies.
Lower position means lower priority. Global policy is then at the
bottom.
The changes has also affected LDAPSearch class in baseldap.py:
LDAPSearch class sorts the search results by primary key be default
(which is usually 'cn'). Therefor a function pointer entries_sortfn
was added. If no sorting function exists, default sorting by primary
key
is used.
Sorting function had to be introduced due to the fact that pwpolicy's
primary
key is also it's 'cn' and global policy is not allowed to have any
priority.
forget to attach the patch, sorry :-[
Doesn't work with the lite-server due to changing a ReadOnly value. I
think you have the right idea you just need to assign the sorting
statically instead of dynamically (it won't change after finalization).
$ ./ipa pwpolicy-add editors --minlife=2 --priority=9
ipa: DEBUG: Created connection context.ldap2
ipa: DEBUG: raw: pwpolicy_add(u'editors', krbminpwdlife=2,
cospriority=9, all=False, raw=False, version=u'2.15')
ipa: DEBUG: pwpolicy_add(u'editors', krbminpwdlife=2, cospriority=9,
all=False, raw=False, version=u'2.15')
ipa: DEBUG: raw: cosentry_add(u'editors',
krbpwdpolicyreference=u'cn=editors,cn=GREYOAK.COM,cn=kerberos,dc=greyoak,dc=com',
cospriority=9)
ipa: DEBUG: cosentry_add(u'editors',
krbpwdpolicyreference=u'cn=editors,cn=GREYOAK.COM,cn=kerberos,dc=greyoak,dc=com',
cospriority=9, all=False, raw=False)
ipa: DEBUG: raw: group_show(u'editors', all=True)
ipa: DEBUG: group_show(u'editors', rights=False, all=True, raw=False)
ipa: DEBUG: raw: cosentry_find(None, cospriority=9)
ipa: DEBUG: cosentry_find(None, cospriority=9, all=False, raw=False,
pkey_only=False)
ipa: ERROR: non-public: AttributeError: locked: cannot set
cosentry_find.entries_sortfn to <function <lambda> at 0x7f7abc33ec80>
Traceback (most recent call last):
File "/home/rcrit/redhat/freeipa-review/ipaserver/rpcserver.py", line
223, in wsgi_execute
result = self.Command[name](*args, **options)
File "/home/rcrit/redhat/freeipa-review/ipalib/frontend.py", line 438,
in __call__
ret = self.run(*args, **options)
File "/home/rcrit/redhat/freeipa-review/ipalib/frontend.py", line 756,
in run
return self.execute(*args, **options)
File "/home/rcrit/redhat/freeipa-review/ipalib/plugins/baseldap.py",
line 700, in execute
ldap, dn, entry_attrs, attrs_list, *keys, **options
File "/home/rcrit/redhat/freeipa-review/ipalib/plugins/pwpolicy.py",
line 346, in pre_callback
cospriority=options.get('cospriority')
File "/home/rcrit/redhat/freeipa-review/ipalib/frontend.py", line 438,
in __call__
ret = self.run(*args, **options)
File "/home/rcrit/redhat/freeipa-review/ipalib/frontend.py", line 756,
in run
return self.execute(*args, **options)
File "/home/rcrit/redhat/freeipa-review/ipalib/plugins/baseldap.py",
line 700, in execute
ldap, dn, entry_attrs, attrs_list, *keys, **options
File "/home/rcrit/redhat/freeipa-review/ipalib/plugins/pwpolicy.py",
line 127, in pre_callback
self.obj.check_priority_uniqueness(*keys, **options)
File "/home/rcrit/redhat/freeipa-review/ipalib/plugins/pwpolicy.py",
line 101, in check_priority_uniqueness
cospriority=options['cospriority']
File "/home/rcrit/redhat/freeipa-review/ipalib/frontend.py", line 438,
in __call__
ret = self.run(*args, **options)
File "/home/rcrit/redhat/freeipa-review/ipalib/frontend.py", line 756,
in run
return self.execute(*args, **options)
File "/home/rcrit/redhat/freeipa-review/ipalib/plugins/baseldap.py",
line 1620, in execute
self.entries_sortfn=lambda x,y:
cmp(x[1][self.obj.primary_key.name][0].lower(),
y[1][self.obj.primary_key.name][0].lower())
File "/home/rcrit/redhat/freeipa-review/ipalib/base.py", line 131, in
__setattr__
SET_ERROR % (self.__class__.__name__, name, value)
AttributeError: locked: cannot set cosentry_find.entries_sortfn to
<function <lambda> at 0x7f7abc33ec80>
ipa: INFO: ad...@greyoak.com: pwpolicy_add(u'editors',
krbminpwdlife=2, cospriority=9, all=False, raw=False,
version=u'2.15'): AttributeError
ipa: DEBUG: response: InternalError: an internal error has occurred
ipa: DEBUG: Destroyed connection context.ldap2
