Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 157497 Details for
Bug 244749
Configure Pass Thru Auth
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
cvs diffs
244749.diffs (text/plain), 14.36 KB, created by
Noriko Hosoi
on 2007-06-20 21:23:34 UTC
(
hide
)
Description:
cvs diffs
Filename:
MIME Type:
Creator:
Noriko Hosoi
Created:
2007-06-20 21:23:34 UTC
Size:
14.36 KB
patch
obsolete
>Index: 00nsroot_backend.ldif.tmpl >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/00nsroot_backend.ldif.tmpl,v >retrieving revision 1.2 >diff -t -w -U4 -r1.2 00nsroot_backend.ldif.tmpl >--- 00nsroot_backend.ldif.tmpl 18 Jun 2007 17:14:50 -0000 1.2 >+++ 00nsroot_backend.ldif.tmpl 20 Jun 2007 21:10:01 -0000 >@@ -12,6 +12,7 @@ > objectClass: top > objectClass: extensibleObject > objectClass: nsMappingTree > cn: "o=NetscapeRoot" >+cn: o=NetscapeRoot > nsslapd-state: backend > nsslapd-backend: NetscapeRoot > >Index: 01nsroot.ldif.tmpl >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/01nsroot.ldif.tmpl,v >retrieving revision 1.2 >diff -t -w -U4 -r1.2 01nsroot.ldif.tmpl >--- 01nsroot.ldif.tmpl 13 Jun 2007 20:03:06 -0000 1.2 >+++ 01nsroot.ldif.tmpl 20 Jun 2007 21:10:01 -0000 >@@ -4,8 +4,9 @@ > o: NetscapeRoot > aci: (targetattr="*")(version 3.0; acl "Enable Configuration Administrator Group modification"; allow (all) groupdn="ldap:///cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot";) > aci: (targetattr="*")(targetfilter=(o=NetscapeRoot))(version 3.0; acl "Default anonymous access"; allow (read, search) userdn="ldap:///anyone";) > aci: (targetattr="*")(version 3.0; acl "Enable Group Expansion"; allow (read, search, compare) groupdnattr="uniquemember";) >+aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "ldap:///cn=slapd-%dsid%, cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) > > dn: ou=TopologyManagement, o=NetscapeRoot > objectClass: top > objectClass: organizationalunit >@@ -53,8 +54,9 @@ > dn: ou=Global Preferences, ou=%domain%, o=NetscapeRoot > objectClass: top > objectClass: organizationalunit > ou: Global Preferences >+aci: (targetattr=*)(version 3.0; acl "Enable anonymous access"; allow(read,search) userdn="ldap:///anyone";) > > dn: ou=Host Preferences, ou=%domain%, o=NetscapeRoot > objectClass: top > objectClass: organizationalunit >@@ -86,4 +88,6 @@ > nsAdminSIEDN: cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot > cn: Server Group > uniqueMember: cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot > uniqueMember: cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot >+aci: (targetattr=*)(targetfilter=(nsconfigRoot=*))(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) >+aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read, search, compare) userdn="ldap:///cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) > >Index: 20asdata.ldif.tmpl >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/20asdata.ldif.tmpl,v >retrieving revision 1.2 >diff -t -w -U4 -r1.2 20asdata.ldif.tmpl >--- 20asdata.ldif.tmpl 19 Jun 2007 18:32:28 -0000 1.2 >+++ 20asdata.ldif.tmpl 20 Jun 2007 21:10:01 -0000 >@@ -9,11 +9,11 @@ > nsProductVersion: %as_version% > nsBuildNumber: %as_buildnum% > nsInstalledLocation: %as_installedlocation% > nsBuildSecurity: domestic >-nsServerMigrationClassname: com.netscape.management.admserv.AdminServerProduct >- @%as_console_jar% >+nsServerMigrationClassname: com.netscape.management.admserv.AdminServerProduct@%as_console_jar% > uniqueMember: cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot >+aci: (targetattr=*)(targetfilter=(nsNickName=*))(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=%brand% Admin istration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) > > dn: cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot > objectClass: top > objectClass: netscapeServer >@@ -25,8 +25,10 @@ > serverRoot: %as_serverroot% > serverProductName: Administration Server > serverHostName: %fqdn% > uniqueMember: cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot >+aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) >+aci: (targetattr="uniquemember || serverProductName || administratorContactInfo || userpassword || description")(targetfilter=(objectclass=netscapeServer))(version 3.0; acl "Enable access delegation"; allow (write) groupdn="ldap:///cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) > > dn: cn=configuration, cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot > objectClass: nsConfig > objectClass: nsAdminConfig >@@ -49,5 +51,7 @@ > nsAdminAccessAddresses: * > nsAdminOneACLDir: adminacl > nsDefaultAcceptLanguage: en > nsClassname: com.netscape.management.admserv.AdminServer@%as_console_jar%@cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot >+aci: (targetattr=*)(version 3.0; acl "Enable delegated admin to access configuration"; allow (read, search) groupdn="ldap:///cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) >+aci: (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all) groupdn="ldap:///cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) > >====================================== >12dsconfig.mod.tmpl >====================================== >dn: cn=config >changetype: modify >add: aci >aci: (targetattr="*")(version 3.0; acl "Configuration Administrators Group"; allow (all) groupdn="ldap:///cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot";) >aci: (targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (all) userdn="ldap:///uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";) >aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "ldap:///cn=slapd-%dsid%, cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) > >dn: cn=SNMP,cn=config >changetype: modify >add: aci >aci: (target="ldap:///cn=SNMP,cn=config")(targetattr !="aci")(version 3.0;acl "snmp";allow (read, search, compare)(userdn = "ldap:///anyone");) > >dn: oid=2.16.840.1.113730.3.4.9,cn=features,cn=config >changetype: modify >add: aci >aci: (targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow( read, search, compare, proxy ) userdn = "ldap:///all";) > >====================================== >13dsschema.mod.tmpl >====================================== >dn: cn=schema >changetype: modify >add: aci >aci: (target="ldap:///cn=schema")(targetattr !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search, compare) userdn = "ldap:///anyone";) >aci: (targetattr="*")(version 3.0; acl "Configuration Administrators Group"; allow (all) groupdn="ldap:///cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot";) >aci: (targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (all) userdn="ldap:///uid=admin,ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";) >aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "ldap:///cn=slapd-%dsid%, cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) > >Index: Util.pm.in >=================================================================== >RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/Util.pm.in,v >retrieving revision 1.1 >diff -t -w -U4 -r1.1 Util.pm.in >--- Util.pm.in 19 Jun 2007 18:24:57 -0000 1.1 >+++ Util.pm.in 20 Jun 2007 21:11:09 -0000 >@@ -119,8 +119,11 @@ > return 0; > } > > my %ignorelist = ( >+ "nsslapd-directory", "nsslapd-directory", >+ "nsslapd-require-index", "nsslapd-require-index", >+ "nsslapd-readonly", "nsslapd-readonly", > "modifytimestamp", "modifyTimestamp", > "createtimestamp", "createTimestamp", > "installationtimestamp", "installationTimestamp", > "creatorsname", "creatorsName", >@@ -128,9 +131,10 @@ > "numsubordinates", "numSubordinates" > ); > > my %speciallist = ( >- "uniquemember", 1 >+ "uniquemember", 1, >+ "aci", 1 > ); > > # compare 2 entries > # return 0 if they match 100% (exception: %ignorelist). >@@ -210,45 +214,91 @@ > my ($context, $aentry) = @_; > my $conn = $context->[0]; > my $fresh = $context->[1]; > my $verbose = $context->[2]; >+ my @ctypes = $aentry->getValues("changetype"); > my $sentry = $conn->search($aentry->{dn}, "base", "(objectclass=*)"); > do > { >- my $needtoadd = 1; >- my $needtomod = 0; >- my $rval = -1; >+ my $needtoadd; >+ my $MOD_NONE = 0; >+ my $MOD_ADD = 1; >+ my $MOD_REPLACE = 2; >+ my $MOD_SPECIAL = 3; >+ # $needtomod stores either of the above $MOD_ values >+ # note: delete is not supported >+ my $needtomod; >+ if ( 0 > $#ctypes ) # aentry: complete entry >+ { >+ $needtoadd = 1; >+ $needtomod = 0; #$MOD_NONE >+ >+ my $rc = -1; > if ( $sentry && !$fresh ) > { >- $rval = comp_entries( $sentry, $aentry ); >+ $rc = comp_entries( $sentry, $aentry ); > } >- if ( 0 == $rval && !$fresh ) >+ if ( 0 == $rc && !$fresh ) > { > # the identical entry exists on the configuration DS. > # no need to add the entry. > $needtoadd = 0; > goto out; > } >- elsif ( (1 == $rval) && !$fresh ) >+ elsif ( (1 == $rc) && !$fresh ) > { > $needtoadd = 0; >- $needtomod = 1; >+ $needtomod = $MOD_ADD; > } > elsif ( $sentry && $sentry->{dn} ) > { >- # $fresh || $rval == -1 >+ # $fresh || $rc == -1 > # an entry having the same DN exists, but the attributes do not > # match. remove the entry and the subtree underneath. > if ( $verbose ) > { > print "Deleting an entry dn: $sentry->{dn} ...\n"; > } >- $rval = delete_all($conn, $sentry); >- if ( 0 != $rval ) >+ $rc = delete_all($conn, $sentry); >+ if ( 0 != $rc ) > { > return 0; > } > } >+ } >+ else # aentry: modify format >+ { >+ $needtoadd = 0; >+ if ( $sentry ) >+ { >+ my @atypes = $aentry->getValues("add"); >+ if ( 0 <= $#atypes ) >+ { >+ $needtomod = $MOD_ADD; >+ } >+ else >+ { >+ @atypes = $aentry->getValues("replace"); >+ if ( 0 <= $#atypes ) >+ { >+ $needtomod = $MOD_REPLACE; >+ } >+ else >+ { >+ @atypes = $aentry->getValues("delete"); >+ if ( 0 <= $#atypes ) >+ { >+ print "\"delete\" is not supported; ignoring...\n"; >+ } >+ $needtomod = $MOD_NONE; >+ } >+ } >+ } >+ else >+ { >+ $needtomod = $MOD_NONE; >+ } >+ } > > if ( 1 == $needtoadd ) > { > $conn->add($aentry); >@@ -260,14 +310,13 @@ > $aentry->printLDIF(); > $conn->close(); > return 0; > } >-# if ( $verbose ) >-# { >-# print "Entry $aentry->{dn} is added\n"; >-# } >+ debug("Entry $aentry->{dn} is added\n"); > } >- elsif ( 1 == $needtomod ) # $sentry exists >+ elsif ( 0 < $needtomod ) # $sentry exists >+ { >+ if ( $needtomod == $MOD_SPECIAL ) > { > foreach my $attr ( keys %speciallist ) > { > foreach my $nval ( @{$aentry->{$attr}} ) >@@ -275,8 +324,41 @@ > $sentry->addValue( $attr, $nval ); > } > } > $conn->update($sentry); >+ } >+ elsif ( $needtomod == $MOD_ADD ) >+ { >+ foreach my $attr ( keys %{$aentry} ) >+ { >+ next if $attr =~ /add|changetype/; >+ foreach my $nval ( @{$aentry->{$attr}} ) >+ { >+ $sentry->addValue( $attr, $nval ); >+ } >+ } >+ $conn->update($sentry); >+ } >+ elsif ( $needtomod == $MOD_REPLACE ) >+ { >+ my $entry = new Mozilla::LDAP::Entry(); >+ $entry->setDN($aentry->getDN()); >+ foreach my $attr ( keys %{$aentry} ) >+ { >+ next if $attr =~ /replace|changetype/; >+ foreach my $nval ( @{$aentry->{$attr}} ) >+ { >+ $entry->addValue( $attr, $nval ); >+ } >+ } >+ $conn->update($entry); >+ } >+ else >+ { >+ print "ERROR: needtomod == $needtomod is not supported.\n"; >+ $conn->close(); >+ return 0; >+ } > my $rc = $conn->getErrorCode(); > if ( $rc != 0 ) > { > print "ERROR: updating an entry $sentry->{dn} failed, error code: $rc\n";
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=157497">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 244749
:
157336
| 157497 |
157506
|
157508
|
157554
|
157578
|
157579
|
157588
|
157662
|
157664
|
157671
|
157769
|
157772
|
157779
|
157978
|
158034
|
158070
|
158071
|
158140
|
158148