Hi, With 389-ds-base 1.3.3. comes the dynamic plugin support. We need to restart the server right after modifying the schema, as the plugins will be enabled at the point they are added (and not at the next server restart).
Properly handle both situations in the installer. https://fedorahosted.org/freeipa/ticket/4203 -- Tomas Babej Associate Software Engineer | Red Hat | Identity Management RHCE | Brno Site | IRC: tbabej | freeipa.org
>From 8149018cfb81a3e9ec9cb164617f1875656d9354 Mon Sep 17 00:00:00 2001 From: Tomas Babej <[email protected]> Date: Tue, 17 Jun 2014 15:18:49 +0200 Subject: [PATCH] dsinstance: Detect dynamic plugin support and restart server accordingly With 389-ds-base 1.3.3. come the dynamic plugin support. We need to restart the server right after modifying the schema, as the plugins will be enabled at the point they are added (and not at the next server restart). Properly handle both situations in the installer. https://fedorahosted.org/freeipa/ticket/4203 --- ipaserver/install/dsinstance.py | 31 ++++++++++++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 2a9f3b618cc8e165821fefb9cede602cad8d6999..6d208047243019292877624932d5b988be980541 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -262,6 +262,7 @@ class DsInstance(service.Service): self.step("creating directory server user", create_ds_user) self.step("creating directory server instance", self.__create_instance) self.step("adding default schema", self.__add_default_schemas) + self.step("detecting dynamic plugin support", self.__detect_dynamic_plugin_support) self.step("enabling memberof plugin", self.__add_memberof_module) self.step("enabling winsync plugin", self.__add_winsync_module) self.step("configuring replication version plugin", self.__config_version_module) @@ -283,7 +284,7 @@ class DsInstance(service.Service): self.step("configure new location for managed entries", self.__repoint_managed_entries) self.step("configure dirsrv ccache", self.configure_dirsrv_ccache) self.step("enable SASL mapping fallback", self.__enable_sasl_mapping_fallback) - self.step("restarting directory server", self.__restart_instance) + self.step("restarting directory server", self.__restart_instance_final) def __common_post_setup(self): self.step("initializing group membership", self.init_memberof) @@ -387,6 +388,23 @@ class DsInstance(service.Service): self.start_creation(runtime=60) + def __detect_dynamic_plugin_support(self): + if not self.admin_conn: + self.ldap_connect() + + # Check that dynamic plugins are enabled + result = self.admin_conn.conn.search_s( + DN("cn=config"), + ldap.SCOPE_BASE, + attrlist=["nsslapd-dynamic-plugins"])[0] + + enabled = result.get("nsslapd-dynamic-plugins") == ['on'] + self.dynamic_plugins_enabled = enabled + + # If the dynamic plugins are enabled, we need to restart to apply the + # new schema + if enabled: + self.__restart_instance() def __setup_replica(self): replication.enable_replication_version_checking(self.fqdn, @@ -503,13 +521,20 @@ class DsInstance(service.Service): try: super(DsInstance, self).restart(instance) if not is_ds_running(instance): - root_logger.critical("Failed to restart the directory server. See the installation log for details.") + root_logger.critical("Failed to restart the directory server. " + "See the installation log for details.") sys.exit(1) except SystemExit, e: raise e except Exception, e: # TODO: roll back here? - root_logger.critical("Failed to restart the directory server (%s). See the installation log for details." % e) + root_logger.critical("Failed to restart the directory server (%s). " + "See the installation log for details." % e) + + def __restart_instance_final(self): + # This restart is necessary only if dynamic plugins are not allowed + if not self.dynamic_plugins_enabled: + self.__restart_instance() def __restart_instance(self): self.restart(self.serverid) -- 1.9.3
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
