Hide Forgot
Description of problem: Directory server should support dynamic configuration changes for the plugins. Currently, it requires a server restart for plugin configuration changes. Version-Release number of selected component (if applicable): 389-ds-base-1.2.11.15-20 How reproducible: Consistently. Steps to Reproduce: # Add container for automembers plugin ldapmodify -h $IP -p $PORT -D "cn=directory manager" -w Secret123 -a <<EOF dn: $PLUGIN_ROOT objectClass: top objectClass: nscontainer EOF # Configure nsslapd-pluginConfigArea ldapmodify -h $IP -p $PORT -D "cn=directory manager" -w Secret123 -a <<EOF dn: $PLUGIN_AUTO changetype: modify add: nsslapd-pluginConfigArea nsslapd-pluginConfigArea: $ROOT - replace: nsslapd-pluginEnabled nsslapd-pluginEnabled: on EOF # Add rules that conlict with pluginConfigArea ldapmodify -h $IP -p $PORT -D "cn=directory manager" -w Secret123 -a <<EOF dn: cn=replsubGroups,$PLUGIN_ROOT objectclass: autoMemberDefinition autoMemberScope: cn=Employees,$ROOT autoMemberFilter: objectclass=posixAccount autoMemberDefaultGroup: cn=SubDef1,$ROOT autoMemberDefaultGroup: cn=SubDef2,$ROOT autoMemberDefaultGroup: cn=SubDef3,$ROOT autoMemberDefaultGroup: cn=SubDef4,$ROOT autoMemberDefaultGroup: cn=SubDef5,$ROOT autoMemberGroupingAttr: member: dn dn: cn=Managers,cn=replsubGroups,$PLUGIN_ROOT objectclass: autoMemberRegexRule description: Group placement for Managers cn: Managers autoMemberTargetGroup: cn=Managers,cn=replsubGroups,$ROOT autoMemberInclusiveRegex: uidNumber=^5..5$ autoMemberInclusiveRegex: gidNumber=^[1-4]..3$ autoMemberInclusiveRegex: nsAdminGroupName=^Manager$|^Supervisor$ autoMemberExclusiveRegex: uidNumber=^999$ autoMemberExclusiveRegex: gidNumber=^[6-8].0$ autoMemberExclusiveRegex: nsAdminGroupName=^Junior$ dn:cn=Contractors,cn=replsubGroups,$PLUGIN_ROOT objectclass: autoMemberRegexRule description: Group placement for Contractors cn: Contractors autoMemberTargetGroup: cn=Contractors,cn=replsubGroups,$ROOT autoMemberInclusiveRegex: uidNumber=^8..5$ autoMemberInclusiveRegex: gidNumber=^[5-9]..3$ autoMemberInclusiveRegex: nsAdminGroupName=^Contract|^Temporary$ autoMemberExclusiveRegex: uidNumber=^[1,3,8]99$ autoMemberExclusiveRegex: gidNumber=^[2-4]00$ autoMemberExclusiveRegex: nsAdminGroupName=^Employee$ EOF Actual results: Automembership plugin accepts invalid configuration. It requires a server restart to reject the configuration. Expected results: Plugin should reject the invalid configuration dynamically. Additional info: Associated upstream ticket - https://fedorahosted.org/389/ticket/47451
Upstream ticket: https://fedorahosted.org/389/ticket/47451
Test Plan created :: https://tcms.engineering.redhat.com/plan/15540/add-enable-disable-remove-plugins-without-server-restart Few plugins tested :: DNA, memberof, automember. One new crash bug reported during testing of this bug :: https://bugzilla.redhat.com/show_bug.cgi?id=1162997 Marking this bug as VERIFIED, new bugs will be opened at later stage when detailed testing will be performed.
If this Feature should be included in the 7.1 Release Notes, could you please change the Doc Type from Enhancement to "Release Note"? Note that the Release Notes are intended to list the most prominent and customer-relevant new features rather than every single enhancement. Cheers, Jirka
Fixed upstream
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-0416.html