Bug 1962671 - [RFE] Enable interval feature of DNA plugin to support intervals sizes for subuids
Summary: [RFE] Enable interval feature of DNA plugin to support intervals sizes for su...
Alias: None
Product: Fedora
Classification: Fedora
Component: 389-ds-base
Version: 33
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: mreynolds
QA Contact: Fedora Extras Quality Assurance
Whiteboard: sync-to-jira
Depends On:
TreeView+ depends on / blocked
Reported: 2021-05-20 13:28 UTC by Christian Heimes
Modified: 2021-05-20 15:09 UTC (History)
5 users (show)

Fixed In Version: 389-ds-base-2.0.4-4.fc35
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2021-05-20 15:09:13 UTC
Type: Bug

Attachments (Terms of Use)
Patch to remove #ifdef DNA_ENABLE_INTERVAL (837 bytes, patch)
2021-05-20 13:28 UTC, Christian Heimes
no flags Details | Diff

Description Christian Heimes 2021-05-20 13:28:26 UTC
Created attachment 1785178 [details]
Patch to remove #ifdef DNA_ENABLE_INTERVAL

This bug was initially created as a copy of Bug #1938239

I am copying this bug because: 
FreeIPA needs the feature in Fedora for upstream development and testing

IdM is working on central management of subordinate ids for RHEL 8.5. The feature is also known as subid, subuid, or subgid, man page subuid(5). The feature is important for user namespace mapping in containers. Several major customers have requested central management of subids in LDAP.

Subids are blocks of uids or gids that are owned by a user. Typical block size is 65,536 ids per user. IdM would like to use 389-DS's DNA plugin for automatic allocation and assignment of subids. The DNA plugin only supports increments by one. I like to request an enhancement for DNA plugin.

My initial feature request on RHEL ticket #1938239 was more complicated. In the first implementation FreeIPA only needs fixed-size subid intervals. Therefore it is sufficient to enable the existing interval feature that is currently protected by #ifdef DNA_ENABLE_INTERVAL.

Comment 1 Christian Heimes 2021-05-20 14:50:01 UTC
I have created PRs to enable DNA interval on Fedora. Mark has merged my PRs and will create builds later today.

https://src.fedoraproject.org/rpms/389-ds-base/pull-request/9 (rawhide)
https://src.fedoraproject.org/rpms/389-ds-base/pull-request/10 (f33)
https://src.fedoraproject.org/rpms/389-ds-base/pull-request/11 (f34)

Comment 2 Fedora Update System 2021-05-20 15:08:40 UTC
FEDORA-2021-3ea3204efb has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2021-3ea3204efb

Comment 3 Fedora Update System 2021-05-20 15:09:13 UTC
FEDORA-2021-3ea3204efb has been pushed to the Fedora 35 stable repository.
If problem still persists, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.