On Tue, 2012-02-28 at 17:36 -0500, Rob Crittenden wrote: > We were setting the GID of migrated users to that of the default user's > group (ipausers) when it should have been the same as the UID unless UPG > was disabled. > > This does the right thing and fixes migration which was broken when we > made ipausers a non-posix group. > > rob
NACK This is a good start, but you missed a case when UPGs are disabled. We crash in that case: # ipa-managed-entries -e 'UPG Definition' disable Disabling Plugin # ipa migrate-ds --user-container=ou=People --group-container=ou=Groups ldap://vm-054.idm.lab.bos.redhat.com --bind-dn="cn=Directory Manager" Password: ipa: ERROR: an internal error has occurred /var/log/httpd/error_log: [Wed Feb 29 09:15:36 2012] [error] ipa: ERROR: non-public: KeyError: 'gidnumber' [Wed Feb 29 09:15:36 2012] [error] Traceback (most recent call last): [Wed Feb 29 09:15:36 2012] [error] File "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 314, in wsgi_execute [Wed Feb 29 09:15:36 2012] [error] result = self.Command[name](*args, **options) [Wed Feb 29 09:15:36 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 443, in __call__ [Wed Feb 29 09:15:36 2012] [error] ret = self.run(*args, **options) [Wed Feb 29 09:15:36 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 721, in run [Wed Feb 29 09:15:36 2012] [error] return self.execute(*args, **options) [Wed Feb 29 09:15:36 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/plugins/migration. py", line 667, in execute [Wed Feb 29 09:15:36 2012] [error] ldap, config, ds_ldap, ds_base_dn, options [Wed Feb 29 09:15:36 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/plugins/migration. py", line 605, in migrate [Wed Feb 29 09:15:36 2012] [error] **blacklists [Wed Feb 29 09:15:36 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/plugins/migration. py", line 125, in _pre_migrate_user [Wed Feb 29 09:15:36 2012] [error] ctx['def_group_gid'] = g_attrs['gidnumber'][0] [Wed Feb 29 09:15:36 2012] [error] KeyError: 'gidnumber' [Wed Feb 29 09:15:36 2012] [error] ipa: INFO: ad...@idm.lab.bos.redhat.com: migrate_ds(u'ldap://vm-054.idm.lab.bos.redhat.com', u'********', binddn=u'cn=Directory Manager', usercontainer=u'ou=People', groupcontainer=u'ou=Groups', userobjectclass=(u'person',), groupobjectclass=(u'groupOfUniqueNames', u'groupOfNames'), userignoreobjectclass=None, userignoreattribute=None, groupignoreobjectclass=None, groupignoreattribute=None, groupoverwritegid=False, schema=u'RFC2307bis', continue=False, exclude_groups=None, exclude_users=None): KeyError Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
