Description of problem:
When upgrading IPA we shut down dirsrv, reconfigure it to only listen on ldapi, restart it, apply our updates, then reverse it.
It would be safer if we could pass in the configuration changes on the command-line rather than changing dse.ldif directly.
It might look something like:
-C cn=config:nsslapd-port=0 -C cn=config:nsslapd-ldapisocket=/var/run/ipa-update.socket ...
DS 41 has this comment. Can we at least assess the possibility?
Replying to [comment:10 nhosoi]:
> Comment by Ludwig:
> but not this specific suggestion, but could we allow enabling/disabling ports without restart. Is this something that could be done in the context of nunc-stans?
It can be closed. I'll open a ticket against freeipa to make these changes over LDAP instead of directly tweaking the files.
I assume a restart is needed if the listeners are updated?
(In reply to Rob Crittenden from comment #10)
> It can be closed. I'll open a ticket against freeipa to make these changes
> over LDAP instead of directly tweaking the files.
>
> I assume a restart is needed if the listeners are updated?
Yeah a restart is still needed. But Ludwig just pointed out that this RFE might have been related to passing config options directly to ns-slapd? I guess openldap does something like this. If that's the case, and it does provide value we could move this RFE to a later RHEL release instead of closing it.
Passing as arguments to ns-slapd was the original idea but making the changes over ldapi I think is sufficient for our needs, and certainly better than directly tweaking dse.ldif. You may close this.
(In reply to Rob Crittenden from comment #12)
> Passing as arguments to ns-slapd was the original idea but making the
> changes over ldapi I think is sufficient for our needs, and certainly better
> than directly tweaking dse.ldif. You may close this.
Will do, thanks Rob!
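
The thread settles on changing cn=config over LDAPI instead of editing dse.ldif. As an added example (not code from FreeIPA or 389 Directory Server), this Python code turns the "entry:attr=value" overrides proposed in the description into two LDIF modify documents, one to apply and one to revert. The function names, the saved prior values and the example.socket path in CURRENT are assumptions.

```python
import base64
import re

ATTR_RE = re.compile(r"[A-Za-z][A-Za-z0-9-]*")  # LDAP attribute descriptor

def parse_override(arg):
    """Split 'entry-dn:attr=value' (the syntax proposed in the report)."""
    dn, sep, rest = arg.partition(":")
    attr, eq, value = rest.partition("=")
    if not (sep and eq and dn.strip() and ATTR_RE.fullmatch(attr)):
        raise ValueError(f"malformed override: {arg!r}")
    return dn.strip(), attr, value

def ldif_line(attr, value):
    """LDIF line; base64-encode unsafe values so newlines cannot inject lines."""
    raw = value.encode("utf-8")
    safe = (all(0x20 <= b < 0x7F for b in raw) and not value.endswith(" ")
            and not value.startswith((" ", ":", "<")))
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(raw).decode('ascii')}"

def render(mods):
    """Render (dn, attr, value) tuples as 'changetype: modify' records."""
    by_dn = {}
    for dn, attr, value in mods:
        by_dn.setdefault(dn, []).append((attr, value))
    records = []
    for dn, pairs in by_dn.items():
        lines = [ldif_line("dn", dn), "changetype: modify"]
        for attr, value in pairs:
            lines += [f"replace: {attr}", ldif_line(attr, value), "-"]
        records.append("\n".join(lines) + "\n")
    return "\n".join(records)

def plan(overrides, current):
    """Return (apply_ldif, revert_ldif); refuse if a prior value is unknown."""
    mods = [parse_override(o) for o in overrides]
    missing = [(dn, a) for dn, a, _ in mods if (dn, a) not in current]
    if missing:
        raise KeyError(f"no saved value to revert to for {missing}")
    undo = [(dn, a, current[(dn, a)]) for dn, a, _ in mods]
    return render(mods), render(undo)

# Constructed sample: overrides from the report; prior values are made up.
OVERRIDES = ["cn=config:nsslapd-port=0",
             "cn=config:nsslapd-ldapisocket=/var/run/ipa-update.socket"]
CURRENT = {("cn=config", "nsslapd-port"): "389",
           ("cn=config", "nsslapd-ldapisocket"): "/var/run/example.socket"}
```

Each document can be fed to ldapmodify over the LDAPI socket. As noted in the thread, a restart is still needed for listener changes to take effect.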