Bug 474254
| Summary: | Default schema ends up in 99user.ldif | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Retired] 389 | Reporter: | Nathan Kinder <nkinder> | ||||
| Component: | Directory Server | Assignee: | Nathan Kinder <nkinder> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | 1.1.3 | CC: | benl, jgalipea, rmeggins | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | All | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | 8.1 | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2009-04-29 23:08:25 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 249650, 493682 | ||||||
| Attachments: |
|
||||||
Checked into ldapserver (HEAD). Thanks to Rich for his review! Checking in ldap/schema/01common.ldif; /cvs/dirsec/ldapserver/ldap/schema/01common.ldif,v <-- 01common.ldif new revision: 1.3; previous revision: 1.2 done Checking in ldap/schema/60autofs.ldif; /cvs/dirsec/ldapserver/ldap/schema/60autofs.ldif,v <-- 60autofs.ldif new revision: 1.2; previous revision: 1.1 done Checking in ldap/schema/60eduperson.ldif; /cvs/dirsec/ldapserver/ldap/schema/60eduperson.ldif,v <-- 60eduperson.ldif new revision: 1.2; previous revision: 1.1 done Checking in ldap/schema/60mozilla.ldif; /cvs/dirsec/ldapserver/ldap/schema/60mozilla.ldif,v <-- 60mozilla.ldif new revision: 1.2; previous revision: 1.1 done Checking in ldap/schema/60pureftpd.ldif; /cvs/dirsec/ldapserver/ldap/schema/60pureftpd.ldif,v <-- 60pureftpd.ldif new revision: 1.2; previous revision: 1.1 done Checking in ldap/schema/60rfc2739.ldif; /cvs/dirsec/ldapserver/ldap/schema/60rfc2739.ldif,v <-- 60rfc2739.ldif new revision: 1.2; previous revision: 1.1 done Checking in ldap/schema/60rfc3712.ldif; /cvs/dirsec/ldapserver/ldap/schema/60rfc3712.ldif,v <-- 60rfc3712.ldif new revision: 1.2; previous revision: 1.1 done Checking in ldap/schema/60sabayon.ldif; /cvs/dirsec/ldapserver/ldap/schema/60sabayon.ldif,v <-- 60sabayon.ldif new revision: 1.2; previous revision: 1.1 done Checking in ldap/schema/60trust.ldif; /cvs/dirsec/ldapserver/ldap/schema/60trust.ldif,v <-- 60trust.ldif new revision: 1.2; previous revision: 1.1 done To verify: - Install DS. - Add a new attributeType to "cn=schema" over LDAP. - 99user.ldif should only contain your new custom attribute. Fix verified with one confirmation needed - the 99user.ldif contains 4 acis in addition to the extended schema. I believe this is correct. Please confirm.
Thanks
[root@jennyv4 en]# ldapmodify -x -h `hostname` -p 389 -D "cn=Directory Manager" -w Secret123 -a -f addmozattr
modifying entry "cn=schema"
[root@jennyv4 en]# ldapmodify -x -h `hostname` -p 389 -D "cn=Directory Manager" -w Secret123 <<EOF
> dn: cn=schema
> changetype: modify
> add: objectclasses
> objectclasses: ( 1.22.333.4444 NAME 'myMozOC' DESC 'Objectclass that contains MozillaAttribute' SUP top STRUCTURAL MUST ( cn $ MozillaAttribute ) )
> EOF
modifying entry "cn=schema"
99user.ldif:
[root@jennyv4 schema]# more 99user.ldif
dn: cn=schema
objectClass: top
objectClass: ldapSubentry
objectClass: subschema
cn: schema
aci: (target="ldap:///cn=schema")(targetattr !="aci")(version 3.0;acl "anonymo
us, no acis"; allow (read, search, compare) userdn = "ldap:///anyone";)
aci: (targetattr="*")(version 3.0; acl "Configuration Administrators Group"; a
llow (all) groupdn="ldap:///cn=Configuration Administrators, ou=Groups, ou=T
opologyManagement, o=NetscapeRoot";)
aci: (targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (a
ll) userdn="ldap:///uid=admin,ou=Administrators, ou=TopologyManagement, o=Ne
tscapeRoot";)
aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "l
dap:///cn=slapd-jennyv4, cn=Red Hat Directory Server, cn=Server Group, cn=je
nnyv4.bos.redhat.com, ou=bos.redhat.com, o=NetscapeRoot";)
modifiersName: cn=directory manager
modifyTimestamp: 20090406195831Z
objectClasses: ( 1.22.333.4444 NAME 'myMozOC' DESC 'Objectclass that contains
MozillaAttribute' SUP top STRUCTURAL MUST ( cn $ MozillaAttribute ) X-ORIGIN
'user defined' )
attributeTypes: ( 8.9.10.11.12.13.14 NAME 'MozillaAttribute' SYNTAX 1.3.6.1.4
.1.1466.115.121.1.15 X-ORIGIN ( 'Mozilla Dummy Schema' 'user defined' ) )
nsSchemaCSN: 49da5ee7000000000000
The aci's are expected. You can mark this one VERIFIED. verified RHEL 4 DS 8.1 An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2009-0455.html |
Created attachment 325450 [details] CVS Diffs A number of the default attribute and objectclass definitions end up in 99user.ldif if you add any custom schema over LDAP. - Install DS. - Add a new attributeType to "cn=schema" over LDAP. - 99user.ldif will contain many other attribute and objectclass definitions in it aside from your new custom attribute. The default schema definitions should not end up in 99user.ldif. The cause of these definitions being copied to 99user.ldif are due to either duplicate definitions within the default schema, or from missing X-ORIGIN elements. These two conditions cause DS to think that the schema definitions have been redefined, or they are user defined. The fix is to simply remove the duplicates and to add the missing X-ORIGIN elements.