On 07/27/2012 02:24 PM, Petr Viktorin wrote: > On 07/26/2012 11:48 PM, John Dennis wrote: >> I have applied the suggested fixes, rebased against master, run all the >> unit tests successfully, built RPM's, did a full install without errors, >> and brought up the web UI successfully. >> >> The current code can be found here: >> >> git clone git://fedorapeople.org/~jdennis/freeipa.dn.git >> git checkout dn >> >> I did not squash the individual commits (but they should be before we >> apply to master). > > Thank you! > >> Please test (again). >> >> I continue to believe the greatest lurking liability is the installer >> code and the individual command line utilities (e.g. replica-manage, >> etc.) Aside from the server install I have not exercised those components. > > Please test them, most of them just don't work. They're practically the only > ones that use the old Entity & Entry, so related bugs won't show up unless you > run the utilities. > > > > > ipa-ldap-updater still fails: > > 2012-07-27T10:21:05Z DEBUG Traceback (most recent call last): > File > "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", > line 112, in __upgrade > self.modified = ld.update(self.files) > File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", > line > 879, in update > updates = api.Backend.updateclient.update(POST_UPDATE, self.dm_password, > self.ldapi, self.live_run) > File > "/usr/lib/python2.7/site-packages/ipaserver/install/plugins/updateclient.py", > line 134, in update > if dn not in rdn_count_list[rdn_count]: > IndexError: list index out of range > > The offending code is: > rdn_count = len(DN(dn)) > rdn_count_list = dn_by_rdn_count.setdefault(rdn_count, []) > if dn not in rdn_count_list[rdn_count]: > rdn_count_list[rdn_count].append(dn) > > rdn_count_list is dn_by_rdn_count[rdn_count]; indexing with rdn_count again is > an error. > > I find the variable names are a bit confusing here. > > > > > ipa-replica-prepare is also unusable: > > $ sudo ipa-replica-prepare vm-125.$DOMAIN --ip-address $IP > Directory Manager (existing master) password: > > Preparing replica for vm-125.idm.lab.bos.redhat.com from > vm-134.idm.lab.bos.redhat.com > preparation of replica failed: '__getitem__' > '__getitem__' > File "/sbin/ipa-replica-prepare", line 461, in <module> > main() > > File "/sbin/ipa-replica-prepare", line 309, in main > dirman_password) > > File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", > line 99, in enable_replication_version_checking > conn.modify_s(entry[0].dn, [(ldap.MOD_REPLACE, 'nsslapd-pluginenabled', > 'on')]) > > File "/usr/lib/python2.7/site-packages/ipaserver/ipaldap.py", line 143, in > __getattr__ > return self.__dict__[name] > > i.e. entry[0] tries to call entry.__getitem__. > > I haven't tested any replica-related tools since I couldn't prepare a replica. > > > > > ipa-compliance still has the same error as before > > > > > ipa-managed-entries still fails: > File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", > line 607, in run_script > return_value = main_function() > > File "install/tools/ipa-managed-entries", line 133, in main > managed_entries = [entry.cn for entry in entries] > > You need entry.data['cn'] instead. > > > > > I also get several errors in the DNS plugin test suite: > > Traceback (most recent call last): > File "/home/pviktori/freeipa/ipaserver/rpcserver.py", line 332, in > wsgi_execute > result = self.Command[name](*args, **options) > File "/home/pviktori/freeipa/ipalib/frontend.py", line 435, in __call__ > ret = self.run(*args, **options) > File "/home/pviktori/freeipa/ipalib/frontend.py", line 747, in run > return self.execute(*args, **options) > File "/home/pviktori/freeipa/ipalib/plugins/dns.py", line 2458, in execute > result = super(dnsrecord_mod, self).execute(*keys, **options) > File "/home/pviktori/freeipa/ipalib/plugins/baseldap.py", line 1351, in > execute > assert isinstance(dn, DN) > AssertionError > > ipa: INFO: ad...@idm.lab.bos.redhat.com: dnsrecord_mod(u'dnszone.test', > u'testcnamerec', arecord=(u'10.0.0.1',), cnamerecord=None, rights=False, > structured=False, all=False, raw=False, version=u'2.41'): AssertionError > > This is a good catch; the dnsrecord_mod post_callback should return the DN, > not > None. >
I started reviewing the latest state of your DN effort in your git repo. It is in much better shape than before, but I still found some issues in utilities we use. I am sending what I have found so far. 1) ipa-managed-entries is broken # ipa-managed-entries -l Available Managed Entry Definitions: [u'UPG Definition'] [u'NGP Definition'] # ipa-managed-entries -e 'UPG Definition' status Unexpected error AttributeError: 'LDAPEntry' object has no attribute 'originfilter' 2) ipa-replica-prepare is broken when --ip-address is passed # ipa-replica-prepare vm-055.idm.lab.bos.redhat.com --ip-address=10.16.78.55 Directory Manager (existing master) password: Preparing replica for vm-055.idm.lab.bos.redhat.com from vm-086.idm.lab.bos.redhat.com Creating SSL certificate for the Directory Server Creating SSL certificate for the dogtag Directory Server Creating SSL certificate for the Web Server Exporting RA certificate Copying additional files Finalizing configuration Packaging replica information into /var/lib/ipa/replica-info-vm-055.idm.lab.bos.redhat.com.gpg Adding DNS records for vm-055.idm.lab.bos.redhat.com preparation of replica failed: invalid 'ip_address': Gettext('invalid IP address format', domain='ipa', localedir=None) invalid 'ip_address': Gettext('invalid IP address format', domain='ipa', localedir=None) File "/sbin/ipa-replica-prepare", line 464, in <module> main() File "/sbin/ipa-replica-prepare", line 452, in main add_zone(domain) File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py", line 302, in add_zone idnsallowtransfer=u'none',) File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 433, in __call__ self.validate(**params) File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 705, in validate param.validate(value, self.env.context, supplied=param.name in kw) File "/usr/lib/python2.7/site-packages/ipalib/parameters.py", line 879, in validate self._validate_scalar(value) File "/usr/lib/python2.7/site-packages/ipalib/parameters.py", line 900, in _validate_scalar rule=rule, 3) ipa-replica-manage list is broken: # ipa-replica-manage list Failed to get data from 'vm-086.idm.lab.bos.redhat.com': base="cn=replicas,cn=ipa,cn=etc,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com", scope=1, filterstr="(objectClass=*)" I think the problem here is that the following code in ipa-replica-manage returns an exception when no entry in cn=replicas is found (which is ok): dn = DN(('cn', 'replicas'), ('cn', 'ipa'), ('cn', 'etc'), ipautil.realm_to_suffix(realm)) entries = conn.getList(dn, ldap.SCOPE_ONELEVEL) 4) IPA compliance is broken # ipa-compliance IPA compliance checking failed: This is the traceback (some DN was left in string format): Traceback (most recent call last): File "/sbin/ipa-compliance", line 198, in <module> main() File "/sbin/ipa-compliance", line 179, in main check_compliance(tmpdir, options.debug) File "/sbin/ipa-compliance", line 121, in check_compliance size_limit = -1) File "/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line 1087, in find_entries assert isinstance(base_dn, DN) AssertionError Btw. Petr Vobornik is testing Web UI, so far so good on this side... Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel