Bug 1044198
| Summary: | Replication of the schema may overwrite consumer 'attributetypes' even if consumer definition is a superset | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Nathan Kinder <nkinder> |
| Component: | 389-ds-base | Assignee: | Rich Megginson <rmeggins> |
| Status: | CLOSED ERRATA | QA Contact: | Viktor Ashirov <vashirov> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.0 | CC: | mreynolds, nhosoi, rmeggins, vashirov |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | 389-ds-base-1.3.3.1-1.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-03-05 09:33:02 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Nathan Kinder
2013-12-17 21:53:23 UTC
Please, provide verification steps. Thank you! It looks the owner of the ticket is Mark... Verification Steps: [1] Create two instances using "dc=example,dc=com" - replica A and replica B [2] Setup Multi-Master Replication(MMR) between the two servers [3] On Replica A create a new attribute "myAttribute" that is single valued (SINGLE-VALUE) ldapmodify ... dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( myAttribute-oid NAME 'myAttribute' SYNTAX 1.3.6.1.4.1.1466. 115.121.1.38 SINGLE-VALUE X-ORIGIN 'user defined' ) [4] On Replica B create a new attribute with the same name "myAttribute", but it should be multi-valued (no SINGLE-VALUE) ldapmodify ... dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( myAttribute-oid NAME 'myAttribute' SYNTAX 1.3.6.1.4.1.1466. 115.121.1.38 X-ORIGIN 'user defined' ) [5] Add a dummy entry on Replica A to trigger replication, and the schema push. [6] Check the Replica B 'myAttribute" is still "multi-valued" or unchanged - meaning the attribute value does not contain "SINGLE-VALUE": attributeTypes: ( myAttribute-oid NAME 'myAttribute' SYNTAX 1.3.6.1.4.1.1466. 115.121.1.38 X-ORIGIN 'user defined' ) [7] On Replica A, the attributeTypes value should be changed to be multi-valued (no SINGLE-VALUE): attributeTypes: ( myAttribute-oid NAME 'myAttribute' SYNTAX 1.3.6.1.4.1.1466. 115.121.1.38 X-ORIGIN 'user defined' ) So both Replica A & B should have the same attributeTypes value for "myAttribute" (no "SINGLE-VALUE") [8] Done Mark, thank you for the verification steps! $ rpm -qa | grep 389 389-ds-base-1.3.3.1-12.el7.x86_64 389-ds-base-debuginfo-1.3.3.1-12.el7.x86_64 389-ds-base-libs-1.3.3.1-12.el7.x86_64 [1] Create two instances using "dc=example,dc=com" - replica A and replica B [2] Setup Multi-Master Replication(MMR) between the two servers [3] On Replica A create a new attribute "myAttribute" that is single valued (SINGLE-VALUE) $ ldapmodify -D "cn=Directory Manager" -w Secret123 -H ldap://localhost:1189 -a << EOF dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( myAttribute-oid NAME 'myAttribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 SINGLE-VALUE X-ORIGIN 'user defined' ) EOF modifying entry "cn=schema" [4] On Replica B create a new attribute with the same name "myAttribute", but it should be multi-valued (no SINGLE-VALUE) $ ldapmodify -D "cn=Directory Manager" -w Secret123 -H ldap://localhost:1289 -a << EOF dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( myAttribute-oid NAME 'myAttribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 X-ORIGIN 'user defined' ) EOF modifying entry "cn=schema" [5] Add a dummy entry on Replica A to trigger replication, and the schema push. $ ldapmodify -D "cn=Directory Manager" -w Secret123 -H ldap://localhost:1189 -a << EOF dn: cn=user1,ou=People,dc=example,dc=com objectClass: person objectClass: top cn: user1 sn: user1 EOF adding new entry "cn=user1,ou=People,dc=example,dc=com" [6] Check the Replica B 'myAttribute" is still "multi-valued" or unchanged - meaning the attribute value does not contain "SINGLE-VALUE": $ ldapsearch -D "cn=Directory Manager" -w Secret123 -H ldap://localhost:1189 -LLL -o ldif-wrap=no -b "cn=schema" -s base "objectclass=*" nscpEntryWSI | grep myAttribute nscpEntryWSI: attributeTypes: ( myAttribute-oid NAME 'myAttribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 X-ORIGIN 'user defined' ) [7] On Replica A, the attributeTypes value should be changed to be multi-valued (no SINGLE-VALUE): $ ldapsearch -D "cn=Directory Manager" -w Secret123 -H ldap://localhost:1289 -LLL -o ldif-wrap=no -b "cn=schema" -s base "objectclass=*" nscpEntryWSI | grep myAttribute nscpEntryWSI: attributeTypes: ( myAttribute-oid NAME 'myAttribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 X-ORIGIN 'user defined' ) Both Replica A & B have the same attributeTypes value for "myAttribute" (no "SINGLE-VALUE"). Hence marking as VERIFIED. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-0416.html |