Upgrade plugins which modify LDAP data directly should not be executed
in --test mode.
This patch is a workaround, to ensure update with --test option will not
modify any LDAP data.
https://fedorahosted.org/freeipa/ticket/3448
Patch attached.
--
Martin Basti
From 0616696080c25531d9dd5c30d7e32e0a7da9ed6c Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Fri, 6 Mar 2015 17:44:47 +0100
Subject: [PATCH] Server Upgrade: respect --test option in plugins
Several plugins do the LDAP data modification directly.
In test mode these plugis should not be executed.
https://fedorahosted.org/freeipa/ticket/3448
---
ipaserver/install/plugins/dns.py | 9 +++++++++
ipaserver/install/plugins/fix_replica_agreements.py | 4 ++++
ipaserver/install/plugins/update_idranges.py | 7 +++++++
ipaserver/install/plugins/update_managed_permissions.py | 4 ++++
ipaserver/install/plugins/update_pacs.py | 4 ++++
ipaserver/install/plugins/update_referint.py | 3 +++
ipaserver/install/plugins/update_services.py | 4 ++++
7 files changed, 35 insertions(+)
diff --git a/ipaserver/install/plugins/dns.py b/ipaserver/install/plugins/dns.py
index f562978bcbcc02321c0e9a668af88b4f596f8556..2e33982e7d53cad794cca5867aa94a0df766eff8 100644
--- a/ipaserver/install/plugins/dns.py
+++ b/ipaserver/install/plugins/dns.py
@@ -60,6 +60,10 @@ class update_dnszones(PostUpdate):
order=MIDDLE
def execute(self, **options):
+ if not options.get('live_run'):
+ self.log.info("Test mode: skipping 'update_dnszones'")
+ return False, False, ()
+
ldap = self.obj.backend
if not dns_container_exists(ldap):
return (False, False, [])
@@ -159,6 +163,11 @@ class update_master_to_dnsforwardzones(PostUpdate):
backup_path = u'%s%s' % (backup_dir, backup_filename)
def execute(self, **options):
+ if not options.get('live_run'):
+ self.log.info("Test mode: skipping "
+ "'update_master_to_dnsforwardzones'")
+ return False, False, ()
+
ldap = self.obj.backend
# check LDAP if forwardzones already uses new semantics
dns_container_dn = DN(api.env.container_dns, api.env.basedn)
diff --git a/ipaserver/install/plugins/fix_replica_agreements.py b/ipaserver/install/plugins/fix_replica_agreements.py
index a5ff4819fa4c432b378a9f1c0f6952bc312a6792..597a133145e1cad2265386bf6eb55d47fefa86e3 100644
--- a/ipaserver/install/plugins/fix_replica_agreements.py
+++ b/ipaserver/install/plugins/fix_replica_agreements.py
@@ -38,6 +38,10 @@ class update_replica_attribute_lists(PreUpdate):
order = MIDDLE
def execute(self, **options):
+ if not options.get('live_run'):
+ self.log.info("Test mode: skipping "
+ "'update_replica_attribute_lists'")
+ return False, False, ()
# We need an IPAdmin connection to the backend
self.log.debug("Start replication agreement exclude list update task")
conn = ipaldap.IPAdmin(api.env.host, ldapi=True, realm=api.env.realm)
diff --git a/ipaserver/install/plugins/update_idranges.py b/ipaserver/install/plugins/update_idranges.py
index 1aa5fa7631fd35a7aaf4a23a5eee44e4e0a2e904..cc462ef1265e3bee2137df1c787d93b048981e25 100644
--- a/ipaserver/install/plugins/update_idranges.py
+++ b/ipaserver/install/plugins/update_idranges.py
@@ -33,6 +33,9 @@ class update_idrange_type(PostUpdate):
order = MIDDLE
def execute(self, **options):
+ if not options.get('live_run'):
+ self.log.info("Test mode: skipping 'update_idrange_type'")
+ return False, False, ()
ldap = self.obj.backend
base_dn = DN(api.env.container_ranges, api.env.basedn)
@@ -121,6 +124,10 @@ class update_idrange_baserid(PostUpdate):
order = LAST
def execute(self, **options):
+ if not options.get('live_run'):
+ self.log.info("Test mode: skipping 'update_idrange_baserid'")
+ return False, False, ()
+
ldap = self.obj.backend
base_dn = DN(api.env.container_ranges, api.env.basedn)
diff --git a/ipaserver/install/plugins/update_managed_permissions.py b/ipaserver/install/plugins/update_managed_permissions.py
index 430a2919a315bfd8d8e6174a915890d44b782c5c..55e1068540d99ad189aa85682ba9ef1e96293abb 100644
--- a/ipaserver/install/plugins/update_managed_permissions.py
+++ b/ipaserver/install/plugins/update_managed_permissions.py
@@ -402,6 +402,10 @@ class update_managed_permissions(PostUpdate):
def execute(self, **options):
+ if not options.get('live_run'):
+ self.log.info("Test mode: skipping 'update_managed_permissions'")
+ return False, False, ()
+
ldap = self.api.Backend[ldap2]
anonymous_read_aci = self.get_anonymous_read_aci(ldap)
diff --git a/ipaserver/install/plugins/update_pacs.py b/ipaserver/install/plugins/update_pacs.py
index 653456bb84d5464022024f5baaf4a7543f01f96f..1286d75114254052f8d368976856298f0d8e79d5 100644
--- a/ipaserver/install/plugins/update_pacs.py
+++ b/ipaserver/install/plugins/update_pacs.py
@@ -31,6 +31,10 @@ class update_pacs(PostUpdate):
order = MIDDLE
def execute(self, **options):
+ if not options.get('live_run'):
+ self.log.info("Test mode: skipping 'update_pacs'")
+ return False, False, ()
+
ldap = self.obj.backend
try:
diff --git a/ipaserver/install/plugins/update_referint.py b/ipaserver/install/plugins/update_referint.py
index 1b7411035b27ebba04246a7ee6f220d470b46688..c6c62b70ff2230b208e498574a50caabdadc8f9c 100644
--- a/ipaserver/install/plugins/update_referint.py
+++ b/ipaserver/install/plugins/update_referint.py
@@ -28,6 +28,9 @@ class update_referint(PreUpdate):
('cn', 'plugins'), ('cn', 'config'))
def execute(self, **options):
+ if not options.get('live_run'):
+ self.log.info("Test mode: skipping 'update_referint'")
+ return False, False, ()
root_logger.debug("Upgrading referential integrity plugin configuration")
ldap = self.obj.backend
diff --git a/ipaserver/install/plugins/update_services.py b/ipaserver/install/plugins/update_services.py
index 2122abb10a14824ea752123cb59bea8ce9a7d665..d213ace62ef087b71355ea033c81f3c7fd63330f 100644
--- a/ipaserver/install/plugins/update_services.py
+++ b/ipaserver/install/plugins/update_services.py
@@ -33,6 +33,10 @@ class update_service_principalalias(PostUpdate):
order = MIDDLE
def execute(self, **options):
+ if not options.get('live_run'):
+ self.log.info("Test mode: skipping 'update_service_principalalias'")
+ return False, False, ()
+
ldap = self.obj.backend
base_dn = DN(api.env.container_service, api.env.basedn)
--
2.1.0
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code