URL: https://github.com/freeipa/freeipa/pull/2263 Author: flo-renaud Title: #2263: DS replication settings: fix regression with <3.3 master Action: opened
PR body: """ Commit 811b0fdb4620938963f1a29d3fdd22257327562c introduced a regression when configuring replication with a master < 3.3 Even if 389-ds schema is extended with nsds5ReplicaReleaseTimeout, nsds5ReplicaBackoffMax and nsDS5ReplicaBindDnGroupCheckInterval attributes, it will return UNWILLING_TO_PERFORM when a mod operation is performed on the cn=replica entry. This patch ignores the error and logs a debug msg. See: https://pagure.io/freeipa/issue/7617 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2263/head:pr2263 git checkout pr2263
From acfc4ac1d393c788e2e70a97b3a03a870d02fb92 Mon Sep 17 00:00:00 2001 From: Florence Blanc-Renaud <f...@redhat.com> Date: Tue, 21 Aug 2018 11:37:17 +0200 Subject: [PATCH] DS replication settings: fix regression with <3.3 master Commit 811b0fdb4620938963f1a29d3fdd22257327562c introduced a regression when configuring replication with a master < 3.3 Even if 389-ds schema is extended with nsds5ReplicaReleaseTimeout, nsds5ReplicaBackoffMax and nsDS5ReplicaBindDnGroupCheckInterval attributes, it will return UNWILLING_TO_PERFORM when a mod operation is performed on the cn=replica entry. This patch ignores the error and logs a debug msg. See: https://pagure.io/freeipa/issue/7617 --- ipaserver/install/replication.py | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py index 78c4a43cc9..ae48577c4d 100644 --- a/ipaserver/install/replication.py +++ b/ipaserver/install/replication.py @@ -600,7 +600,18 @@ def finalize_replica_config(self, r_hostname, r_binddn=None, r_conn.simple_bind(r_binddn, r_bindpw) else: r_conn.gssapi_bind() - self._finalize_replica_settings(r_conn) + try: + self._finalize_replica_settings(r_conn) + except errors.DatabaseError as e: + # On FreeIPA < 3.3 masters lacking support for the attributes + # defined in REPLICA_FINAL_SETTINGS, + # the update will return Unwilling to perform + # Ignore the error + if str(e).startswith('Server is unwilling to perform'): + logger.debug("replication attribute not supported " + "on remote master (%s)", e) + else: + raise e r_conn.close() def setup_chaining_backend(self, conn):
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/freeipa-devel@lists.fedorahosted.org/message/WYU5XTYYHIVBSEUFFBAGAV47XR2N5G7U/
