Bug 592397
Summary: | Upgrade tool dn2rdn: it does not clean up the entrydn in id2entry | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] 389 | Reporter: | Noriko Hosoi <nhosoi> | ||||
Component: | Migration | Assignee: | Noriko Hosoi <nhosoi> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Viktor Ashirov <vashirov> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | high | ||||||
Version: | 1.2.6 | CC: | amsharma, jgalipea, rmeggins | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2015-12-07 16:30:32 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 576869, 639035 | ||||||
Attachments: |
|
Description
Noriko Hosoi
2010-05-14 19:00:10 UTC
Created attachment 454233 [details]
git patch file (master)
Description: If entries created by the 389 v1.2.5 or older,
the primary db (id2entry.db4) contains "entrydn: <normalized dn>".
Upgrading from the old version to v1.2.6 keeps the entrydn
attribute type and its value even though v1.2.6 is not supposed
to store the entrydn in the database.
1) This patch drops the entrydn attribute and value in upgrading
the db.
2) If an ldif file contains entrydn attribute type and value,
import (ldif2db[.pl]) ignores it.
3) A leak was found in the export (db2ldif[.pl]) which is fixed.
4) When nsslapd-subtree-rename-switch configuration attribute has
the value "on", entrydn is not used nor created. But the
server accepted reindexing entrydn request and generated an
entrydn index file. This patch rejects it.
5) Entry and dn cache clear calls (cache_clear) are added to
dblayer_instance_close in "#if defined(_USE_VALGRIND)", which
is not defined. To enable the code, the server needs to be
rebuilt with defining the macro. This is purely for debugging.
Files:
ldap/servers/slapd/back-ldbm/dblayer.c
ldap/servers/slapd/back-ldbm/id2entry.c
ldap/servers/slapd/back-ldbm/import-threads.c
ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
ldap/servers/slapd/back-ldbm/ldif2ldbm.c
ldap/servers/slapd/entry.c
ldap/servers/slapd/slapi-plugin.h
Reviewed by Rich (Thank you!!) Pushed to master. $ git merge 592397 Updating 6160200..f0e4ce1 Fast-forward ldap/servers/slapd/back-ldbm/dblayer.c | 11 ++++ ldap/servers/slapd/back-ldbm/id2entry.c | 20 +++++--- ldap/servers/slapd/back-ldbm/import-threads.c | 9 ++-- ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c | 2 +- ldap/servers/slapd/back-ldbm/ldif2ldbm.c | 62 ++++++++++++++++++------ ldap/servers/slapd/entry.c | 13 +++++ ldap/servers/slapd/slapi-plugin.h | 12 +++++ 7 files changed, 101 insertions(+), 28 deletions(-) $ git push Counting objects: 25, done. Delta compression using up to 4 threads. Compressing objects: 100% (13/13), done. Writing objects: 100% (13/13), 2.94 KiB, done. Total 13 (delta 11), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 6160200..f0e4ce1 master -> master This bug is supposed to verify in the upgrade test. Once upgraded, run "dbscan -f /var/lib/dirsrv/slapd-ID/db/userRoot/id2entry.db4". The output entries should not include an attribute value pair "entrydn: ..." If they are not seen in the output, this bug is verified. Followed the verification steps in Comment#5 : [root@aminew ~]# dbscan -f /var/lib/dirsrv/slapd-aminew/db/userRoot/id2entry.db4 id 1 rdn: dc=pnq,dc=redhat,dc=com nsUniqueId: 2a098224-c40d11e0-8cae874c-b7bb5e9e objectClass: top objectClass: domain dc: pnq aci: (targetattr!="userPassword")(version 3.0; acl "Enable anonymous access"; allow (read, search, compare) userdn="ldap:///anyone";) aci: (targetattr="carLicense || description || displayName || facsimileTelepho neNumber || homePhone || homePostalAddress || initials || jpegPhoto || labele dURL || mail || mobile || pager || photo || postOfficeBox || postalAddress || postalCode || preferredDeliveryMethod || preferredLanguage || registeredAddr ess || roomNumber || secretary || seeAlso || st || street || telephoneNumber || telexNumber || title || userCertificate || userPassword || userSMIMECertif icate || x500UniqueIdentifier")(version 3.0; acl "Enable self write for commo n attributes"; allow (write) userdn="ldap:///self";) aci: (targetattr ="*")(version 3.0;acl "Directory Administrators Group";allow (all) (groupdn = "ldap:///cn=Directory Administrators, dc=pnq,dc=redhat,dc=co m");) aci: (targetattr="*")(version 3.0; acl "Configuration Administrators Group"; a llow (all) groupdn="ldap:///cn=Configuration Administrators,ou=Groups,ou=Topo logyManagement,o=NetscapeRoot";) aci: (targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (a ll) userdn="ldap:///uid=admin,ou=Administrators,ou=TopologyManagement,o=Netsc apeRoot";) aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "l dap:///cn=slapd-aminew,cn=Red Hat Directory Server,cn=Server Group,cn=aminew. pnq.redhat.com,ou=pnq.redhat.com,o=NetscapeRoot";) creatorsName: modifiersName: cn=directory manager createTimestamp: 20110811112924Z modifyTimestamp: 20110811112926Z entryid: 1 numSubordinates: 4 id 2 rdn: cn=Directory Administrators nsUniqueId: 2a098225-c40d11e0-8cae874c-b7bb5e9e objectClass: top objectClass: groupofuniquenames cn: Directory Administrators uniqueMember: cn=Directory Manager creatorsName: modifiersName: createTimestamp: 20110811112924Z modifyTimestamp: 20110811112924Z parentid: 1 entryid: 2 id 3 rdn: ou=Groups nsUniqueId: 2a098226-c40d11e0-8cae874c-b7bb5e9e objectClass: top objectClass: organizationalunit ou: Groups creatorsName: modifiersName: createTimestamp: 20110811112924Z modifyTimestamp: 20110811112924Z parentid: 1 entryid: 3 numSubordinates: 4 id 4 rdn: ou=People nsUniqueId: 2a098227-c40d11e0-8cae874c-b7bb5e9e objectClass: top objectClass: organizationalunit ou: People aci: (targetattr ="userpassword || telephonenumber || facsimiletelephonenumber ")(version 3.0;acl "Allow self entry modification";allow (write)(userdn = "ld ap:///self");) aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Accounting)")(version 3.0;acl "Accounting Managers Group Permissions";allow (write)(groupdn = "lda p:///cn=Accounting Managers,ou=groups,dc=pnq,dc=redhat,dc=com");) aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Human Resources)")(ve rsion 3.0;acl "HR Group Permissions";allow (write)(groupdn = "ldap:///cn=HR M anagers,ou=groups,dc=pnq,dc=redhat,dc=com");) aci: (targetattr !="cn ||sn || uid")(targetfilter ="(ou=Product Testing)")(ver sion 3.0;acl "QA Group Permissions";allow (write)(groupdn = "ldap:///cn=QA Ma nagers,ou=groups,dc=pnq,dc=redhat,dc=com");) aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Product Development)" )(version 3.0;acl "Engineering Group Permissions";allow (write)(groupdn = "ld ap:///cn=PD Managers,ou=groups,dc=pnq,dc=redhat,dc=com");) creatorsName: modifiersName: createTimestamp: 20110811112924Z modifyTimestamp: 20110811112924Z parentid: 1 entryid: 4 id 5 rdn: ou=Special Users nsUniqueId: 2a098228-c40d11e0-8cae874c-b7bb5e9e objectClass: top objectClass: organizationalUnit ou: Special Users description: Special Administrative Accounts creatorsName: modifiersName: createTimestamp: 20110811112924Z modifyTimestamp: 20110811112924Z parentid: 1 entryid: 5 id 6 rdn: cn=Accounting Managers nsUniqueId: 2a098229-c40d11e0-8cae874c-b7bb5e9e objectClass: top objectClass: groupOfUniqueNames cn: Accounting Managers ou: groups description: People who can manage accounting entries uniqueMember: cn=Directory Manager creatorsName: modifiersName: createTimestamp: 20110811112924Z modifyTimestamp: 20110811112924Z parentid: 3 entryid: 6 id 7 rdn: cn=HR Managers nsUniqueId: 2a09822a-c40d11e0-8cae874c-b7bb5e9e objectClass: top objectClass: groupOfUniqueNames cn: HR Managers ou: groups description: People who can manage HR entries uniqueMember: cn=Directory Manager creatorsName: modifiersName: createTimestamp: 20110811112924Z modifyTimestamp: 20110811112924Z parentid: 3 entryid: 7 id 8 rdn: cn=QA Managers nsUniqueId: 2a09822b-c40d11e0-8cae874c-b7bb5e9e objectClass: top objectClass: groupOfUniqueNames cn: QA Managers ou: groups description: People who can manage QA entries uniqueMember: cn=Directory Manager creatorsName: modifiersName: createTimestamp: 20110811112924Z modifyTimestamp: 20110811112924Z parentid: 3 entryid: 8 id 9 rdn: cn=PD Managers nsUniqueId: 2a09822c-c40d11e0-8cae874c-b7bb5e9e objectClass: top objectClass: groupOfUniqueNames cn: PD Managers ou: groups description: People who can manage engineer entries uniqueMember: cn=Directory Manager creatorsName: modifiersName: createTimestamp: 20110811112924Z modifyTimestamp: 20110811112924Z parentid: 3 entryid: 9 [root@aminew ~]# dbscan -f /var/lib/dirsrv/slapd-aminew/db/userRoot/id2entry.db4 | grep entrydn [root@aminew ~]# The output entries do not include an attribute value pair "entrydn: ..." Hence the bug is verified. |