Bug 668909
Summary: | Can't modify replication agreement in some cases | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] 389 | Reporter: | Simo Sorce <ssorce> | ||||||
Component: | Replication - General | Assignee: | Rich Megginson <rmeggins> | ||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Viktor Ashirov <vashirov> | ||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | 1.2.7 | CC: | nhosoi | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2015-12-07 16:54:40 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | |||||||||
Bug Blocks: | 639035, 656390 | ||||||||
Attachments: |
|
Description
Simo Sorce
2011-01-12 01:30:03 UTC
How urgent is this? Does this need to be fixed for IPA 2.0 in RHEL6? No, we worked around it. Created attachment 483325 [details]
preliminary diff to implememt port update in an agreement
nsDS5ReplicaPort is not allowed to modify:
$ldapmodify ... << EOF
dn: cn=agreement_name,cn=replica,cn="suffix",cn=mapping tree,cn=config
changetype: modify
replace: nsDS5ReplicaPort
nsDS5ReplicaPort: 24208
-
replace: nsDS5ReplicaBindMethod
nsDS5ReplicaBindMethod: SIMPLE
-
replace:DS5ReplicaTransportInfo
nsDS5ReplicaTransportInfo: LDAP
EOF
error message with repl log level:
[...] NSMMReplicationPlugin - agmtlist_modify_callback: modification of nsDS5ReplicaPort attribute is not allowed
The current agmtlist_modify_callback implements these attributes.
nsds5ReplicaInitialize
nsds5ReplicaUpdateSchedule
nsds5ReplicaTimeout
nsds5ReplicaBusyWaitTime
nsds5ReplicaSessionPauseTime
nsds5ReplicaBindDN
nsds5TransportInfo
nsds5ReplicaBindMethod
nsds5ReplicatedAttributeList
By adding nsds5ReplicaPort to the list (see also the attached patch), switching between SSL/TLS and SIMPLE is enabled. Could there be any reason why we should not allow this?
The partial URL (purl) in the RUV has hostname:port - does this port number come from nsds5ReplicaPort? It may break replication in some strange way to change the port. What happens if you shutdown the server then restart? Does replication continue to work? (In reply to comment #4) > What happens if you shutdown the server then restart? Does > replication continue to work? Yes, it continues working. (In reply to comment #4) > The partial URL (purl) in the RUV has hostname:port - does this port number > come from nsds5ReplicaPort? It does not look so. This is a snippet of agreement used in the mmraccept test: dn: cn=24202_to_24214,cn=replica,cn=o\3Dairius.com,cn=mapping tree,cn=config nsDS5ReplicaPort: 24214 nsDS5ReplicaTransportInfo: SSL nsDS5ReplicaBindMethod: SIMPLE nsds50ruv: {replica 2 ldap://kiki.usersys.redhat.com:24204} 4d77fab20000000200 00 4d77fab2000000020000 nsds50ruv: {replica 1 ldap://kiki.usersys.redhat.com:24202} 4d77fa970000000100 00 4d7804a5000000010000 24214 is the secure port, but the corresponding original port 24204 is being used in RUV... Comment on attachment 483325 [details]
preliminary diff to implememt port update in an agreement
Ok. The patch looks good, but the formatting is a bit dodgy.
I think we should get this in and throw some replication tests at it - change the port and make sure all of the suppliers and consumers continue to work as before.
(In reply to comment #7) > Comment on attachment 483325 [details] > preliminary diff to implememt port update in an agreement > > Ok. The patch looks good, but the formatting is a bit dodgy. > > I think we should get this in and throw some replication tests at it - change > the port and make sure all of the suppliers and consumers continue to work as > before. Thank you, Rich! I'm running the test, now... Sorry about the format. Actually, that's not even a patch... :p Let me come up with a better one once I finish running the tests. Created attachment 483808 [details]
git patch file (master)
Description: Code to modify nsds5ReplicaPort in replication agreement
was not implemented. This patch adds it.
When an agreement change is detected in conn_connect, it resets
the values needed to make a connection including the port number.
Reviewed by Nathan (Thank you!!!) Pushed to master. $ git merge 668909 Updating d79ff62..34f2f30 Fast-forward ldap/servers/plugins/replication/repl5_agmt.c | 35 ++++++++++++++++++- ldap/servers/plugins/replication/repl5_agmtlist.c | 14 ++++++++ .../servers/plugins/replication/repl5_connection.c | 1 + 3 files changed, 48 insertions(+), 2 deletions(-) $ git push Counting objects: 17, done. Delta compression using up to 4 threads. Compressing objects: 100% (9/9), done. Writing objects: 100% (9/9), 1.24 KiB, done. Total 9 (delta 7), reused 0 (delta 0) remote: git: 'refs/heads/master' is not a git command. See 'git --help'. To ssh://git.fedorahosted.org/git/389/ds.git d79ff62..34f2f30 master -> master 389-ds-base-1.2.8: Cherry-picked commit 34f2f30578d69f4aaa7445f6f388b03f9fc5c3ca $ git cherry-pick 34f2f30578d69f4aaa7445f6f388b03f9fc5c3ca Finished one cherry-pick. [ds128-local cc578f1] Bug 668909 - Can't modify replication agreement in some cases 3 files changed, 48 insertions(+), 2 deletions(-) Pushed to 389-ds-base-1.2.8, as well. $ git push origin ds128-local:389-ds-base-1.2.8 Counting objects: 17, done. Delta compression using up to 4 threads. Compressing objects: 100% (9/9), done. Writing objects: 100% (9/9), 1.24 KiB, done. Total 9 (delta 7), reused 0 (delta 0) remote: git: 'refs/heads/389-ds-base-1.2.8' is not a git command. See 'git --help'. To ssh://git.fedorahosted.org/git/389/ds.git 235e3a6..cc578f1 ds128-local -> 389-ds-base-1.2.8 The nightly mmr acceptance test pass 100%, mark verified. TestCase [bug668909] result-> [PASS] |