IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-13 09:41:55 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add detection to the update tool to detect when it would apply changes.

Browse Source 
Remove SUP name from RFC2307bis.update to match FDS
This commit is contained in:
Rob Crittenden 2008-09-17 23:18:09 -04:00
parent b4938f5e35
commit ca07cdb390
4 changed files with 52 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ipa-server/ipa-install/updates/RFC2307bis.update
View File

@ -16,7 +16,7 @@ add:attributeTypes:
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
X-ORIGIN 'RFC2307bis' ) X-ORIGIN 'RFC2307bis' )
add:attributeTypes: add:attributeTypes:
( 1.3.6.1.4.1.1.1.1.12 SUP name NAME 'nisDomain' ( 1.3.6.1.4.1.1.1.1.12 NAME 'nisDomain'
DESC 'NIS domain' DESC 'NIS domain'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
X-ORIGIN 'RFC2307bis' ) X-ORIGIN 'RFC2307bis' )

7
ipa-server/ipa-ldap-updater
View File

@ -99,9 +99,12 @@ def main():
else: else:
files = args files = args
ld.update(files) modified = ld.update(files)
return 0 if modified and options.test:
return 2
else:
return 0
try: try:
if __name__ == "__main__": if __name__ == "__main__":

46
ipa-server/ipaserver/ldapupdate.py
View File

@ -53,6 +53,7 @@ class LDAPUpdate():
self.live_run = live_run self.live_run = live_run
self.dm_password = dm_password self.dm_password = dm_password
self.conn = None self.conn = None
self.modified = False
krbctx = krbV.default_context() krbctx = krbV.default_context()
@ -454,6 +455,31 @@ class LDAPUpdate():
logging.debug(a + ": ") logging.debug(a + ": ")
for l in value: for l in value:
logging.debug("\t" + l) logging.debug("\t" + l)
def is_schema_updated(self, s):
"""Compare the schema in 's' with the current schema in the DS to
see if anything has changed. This should account for syntax
differences (like added parens that make no difference but are
detected as a change by generateModList()).
This doesn't handle re-ordering of attributes. They are still
detected as changes, so foo $ bar != bar $ foo.
return True if the schema has changed
return False if it has not
"""
s = ldap.schema.SubSchema(s)
s = s.ldap_entry()
# Get a fresh copy and convert into a SubSchema
n = self.__get_entry("cn=schema")[0]
n = dict(n.data)
n = ldap.schema.SubSchema(n)
n = n.ldap_entry()
if s == n:
return False
else:
return True
def __update_record(self, update): def __update_record(self, update):
found = False found = False
@ -498,19 +524,31 @@ class LDAPUpdate():
else: else:
# Update LDAP # Update LDAP
try: try:
logging.debug("%s" % self.conn.generateModList(entry.origDataDict(), entry.toDict())) updated = False
if self.live_run: changes = self.conn.generateModList(entry.origDataDict(), entry.toDict())
if (entry.dn == "cn=schema"):
updated = self.is_schema_updated(entry.toDict())
else:
if len(changes) > 1:
updated = True
logging.debug("%s" % changes)
if self.live_run and updated:
self.conn.updateEntry(entry.dn, entry.origDataDict(), entry.toDict()) self.conn.updateEntry(entry.dn, entry.origDataDict(), entry.toDict())
logging.info("Done") logging.info("Done")
except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST), e: except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST), e:
logging.info("Entry already up-to-date") logging.info("Entry already up-to-date")
updated = False
except ipaerror.exception_for(ipaerror.LDAP_DATABASE_ERROR), e: except ipaerror.exception_for(ipaerror.LDAP_DATABASE_ERROR), e:
logging.error("Update failed: %s: %s", e, self.__detail_error(e.detail)) logging.error("Update failed: %s: %s", e, self.__detail_error(e.detail))
updated = False
if ("cn=index" in entry.dn and if ("cn=index" in entry.dn and
"cn=userRoot" in entry.dn): "cn=userRoot" in entry.dn):
taskid = self.create_index_task(entry.cn) taskid = self.create_index_task(entry.cn)
self.monitor_index_task(taskid) self.monitor_index_task(taskid)
if updated:
self.modified = True
return return
def get_all_files(self, root, recursive=False): def get_all_files(self, root, recursive=False):
@ -526,6 +564,8 @@ class LDAPUpdate():
def update(self, files): def update(self, files):
"""Execute the update. files is a list of the update files to use. """Execute the update. files is a list of the update files to use.
returns True if anything was changed, otherwise False
""" """
try: try:
@ -551,4 +591,4 @@ class LDAPUpdate():
finally: finally:
if self.conn: self.conn.unbind() if self.conn: self.conn.unbind()
return return self.modified

4
ipa-server/man/ipa-ldap-updater.1
View File

@ -66,7 +66,7 @@ A few rules:
Enable debug logging when more verbose output is needed Enable debug logging when more verbose output is needed
.TP .TP
\fB\-t\fR, \fB\-\-test\fR \fB\-t\fR, \fB\-\-test\fR
Run through the update without changing anything Run through the update without changing anything. If changes are available then the command returns 2. If no updates are available it returns 0.
.TP .TP
\fB\-y\fR \fB\-y\fR
File containing the Directory Manager password File containing the Directory Manager password
@ -74,3 +74,5 @@ File containing the Directory Manager password
0 if the command was successful 0 if the command was successful
1 if an error occurred 1 if an error occurred
2 if run with in test mode (\-t) and updates are available