Disable replication version plugin by default.

The 389-ds replication plugin may not be installed on all platforms and our replication version plugin will cause 389-ds to not start if it is loaded and the replication plugin is not. So disable by default. When a replica is prepared we check for the replication plugin. If it exists we will enable the replication version plugin. Likewise on installation of a replica we check for existence of the repliation plugin and if it is there then we enable the version plugin before replication begins. ticket 918
2025-02-25 18:55:28 -06:00 · 2011-02-08 22:24:54 -05:00
parent c187b276ad
commit b77046d550
4 changed files with 29 additions and 2 deletions
--- a/daemons/ipa-slapi-plugins/ipa-version/version-conf.ldif
+++ b/daemons/ipa-slapi-plugins/ipa-version/version-conf.ldif
@@ -7,7 +7,7 @@ cn: IPA Version Replication
 nsslapd-pluginpath: libipa_repl_version
 nsslapd-plugininitfunc: repl_version_plugin_init
 nsslapd-plugintype: preoperation
-nsslapd-pluginenabled: on
+nsslapd-pluginenabled: off
 nsslapd-pluginid: ipa_repl_version
 nsslapd-pluginversion: 1.0
 nsslapd-pluginvendor: Red Hat, Inc.
--- a/install/tools/ipa-replica-prepare
+++ b/install/tools/ipa-replica-prepare
@@ -29,7 +29,7 @@ from optparse import OptionParser
 from ipapython import ipautil
 from ipaserver.install import bindinstance, dsinstance, installutils, certs
 from ipaserver.install.bindinstance import add_zone, add_reverse_zone, add_rr, add_ptr_rr
-from ipaserver.install.replication import check_replication_plugin
+from ipaserver.install.replication import check_replication_plugin, enable_replication_version_checking
 from ipaserver.plugins.ldap2 import ldap2
 from ipapython import version
 from ipalib import api, errors, util
@@ -296,6 +296,8 @@ def main():
        sys.exit("\nUnable to connect to LDAP server %s" % api.env.host)
    print "Preparing replica for %s from %s" % (replica_fqdn, api.env.host)
    enable_replication_version_checking(api.env.host, api.env.realm,
        dirman_password)
    subject_base = get_subject_base(api.env.host, dirman_password, util.realm_to_suffix(api.env.realm))
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -289,6 +289,10 @@ class DsInstance(service.Service):
    def __setup_replica(self):
        replication.enable_replication_version_checking(self.fqdn,
            self.realm_name,
            self.dm_password)
        repl = replication.ReplicationManager(self.realm_name,
                                              self.fqdn,
                                              self.dm_password)
--- a/ipaserver/install/replication.py
+++ b/ipaserver/install/replication.py
@@ -22,6 +22,7 @@ import time, logging
 import os
 import ldap
 from ipaserver import ipaldap
 from ipaserver.install.service import restart
 from ldap import modlist
 from ipalib import util
 from ipalib import errors
@@ -53,6 +54,26 @@ def check_replication_plugin():
    return True
 def enable_replication_version_checking(hostname, realm, dirman_passwd):
    """
    Check the replication version checking plugin. If it is not
    enabled then enable it and restart 389-ds. If it is enabled
    the do nothing.
    """
    conn = ipaldap.IPAdmin(hostname, port=PORT, cacert=CACERT)
    if dirman_passwd:
        conn.do_simple_bind(bindpw=dirman_passwd)
    else:
        conn.sasl_interactive_bind_s('', SASL_AUTH)
    entry = conn.search_s('cn=IPA Version Replication,cn=plugins,cn=config', ldap.SCOPE_BASE, 'objectclass=*')
    if entry[0].getValue('nsslapd-pluginenabled') == 'off':
        conn.modify_s(entry[0].dn, [(ldap.MOD_REPLACE, 'nsslapd-pluginenabled', 'on')])
        conn.unbind()
        serverid = "-".join(realm.split("."))
        restart("dirsrv", instance_name=serverid)
    else:
        conn.unbind()
 class ReplicationManager:
    """Manage replication agreements between DS servers, and sync
    agreements with Windows servers"""