mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
Explicitly disable betxn plugins for the time being.
This should work with 389-ds-base 1.2.x and 1.3.0. Without other plugin changes 389-ds-base can deadlock. https://fedorahosted.org/freeipa/ticket/3046
This commit is contained in:
parent
a51b65d9d4
commit
ea4f60b15a
@ -18,6 +18,7 @@ app_DATA = \
|
||||
default-hbac.ldif \
|
||||
default-smb-group.ldif \
|
||||
delegation.ldif \
|
||||
disable-betxn.ldif \
|
||||
replica-acis.ldif \
|
||||
ds-nfiles.ldif \
|
||||
dns.ldif \
|
||||
|
61
install/share/disable-betxn.ldif
Normal file
61
install/share/disable-betxn.ldif
Normal file
@ -0,0 +1,61 @@
|
||||
# Disable transactions in 389-ds-base
|
||||
|
||||
dn: cn=7-bit check,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginType
|
||||
nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=attribute uniqueness,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginType
|
||||
nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=Auto Membership Plugin,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginType
|
||||
nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=Linked Attributes,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginType
|
||||
nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=Managed Entries,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginType
|
||||
nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=MemberOf Plugin,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginType
|
||||
nsslapd-pluginType: postoperation
|
||||
|
||||
dn: cn=Multimaster Replication Plugin,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginbetxn
|
||||
nsslapd-pluginbetxn: off
|
||||
|
||||
dn: cn=PAM Pass Through Auth,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginType
|
||||
nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=referential integrity postoperation,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginType
|
||||
nsslapd-pluginType: postoperation
|
||||
|
||||
dn: cn=Roles Plugin,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginbetxn
|
||||
nsslapd-pluginbetxn: off
|
||||
|
||||
dn: cn=State Change Plugin,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginType
|
||||
nsslapd-pluginType: postoperation
|
||||
|
||||
dn: cn=USN,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginbetxn
|
||||
nsslapd-pluginbetxn: off
|
37
install/updates/10-disable-betxn.update
Normal file
37
install/updates/10-disable-betxn.update
Normal file
@ -0,0 +1,37 @@
|
||||
# Disable transactions in 389-ds-base
|
||||
|
||||
dn: cn=7-bit check,cn=plugins,cn=config
|
||||
only: nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=attribute uniqueness,cn=plugins,cn=config
|
||||
only: nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=Auto Membership Plugin,cn=plugins,cn=config
|
||||
only: nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=Linked Attributes,cn=plugins,cn=config
|
||||
only: nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=Managed Entries,cn=plugins,cn=config
|
||||
only: nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=MemberOf Plugin,cn=plugins,cn=config
|
||||
only: nsslapd-pluginType: postoperation
|
||||
|
||||
dn: cn=Multimaster Replication Plugin,cn=plugins,cn=config
|
||||
only: nsslapd-pluginbetxn: off
|
||||
|
||||
dn: cn=PAM Pass Through Auth,cn=plugins,cn=config
|
||||
only: nsslapd-pluginType: preoperation
|
||||
|
||||
dn: cn=referential integrity postoperation,cn=plugins,cn=config
|
||||
only: nsslapd-pluginType: postoperation
|
||||
|
||||
dn: cn=Roles Plugin,cn=plugins,cn=config
|
||||
only: nsslapd-pluginbetxn: off
|
||||
|
||||
dn: cn=State Change Plugin,cn=plugins,cn=config
|
||||
only: nsslapd-pluginType: postoperation
|
||||
|
||||
dn: cn=USN,cn=plugins,cn=config
|
||||
only: nsslapd-pluginbetxn: off
|
@ -7,6 +7,7 @@ app_DATA = \
|
||||
10-RFC2307bis.update \
|
||||
10-RFC4876.update \
|
||||
10-config.update \
|
||||
10-disable-betxn.update \
|
||||
10-selinuxusermap.update \
|
||||
10-sudo.update \
|
||||
10-ssh.update \
|
||||
|
@ -197,6 +197,7 @@ class DsInstance(service.Service):
|
||||
self.step("configuring replication version plugin", self.__config_version_module)
|
||||
self.step("enabling IPA enrollment plugin", self.__add_enrollment_module)
|
||||
self.step("enabling ldapi", self.__enable_ldapi)
|
||||
self.step("disabling betxn plugins", self.__disable_betxn)
|
||||
self.step("configuring uniqueness plugin", self.__set_unique_attrs)
|
||||
self.step("configuring uuid plugin", self.__config_uuid_module)
|
||||
self.step("configuring modrdn plugin", self.__config_modrdn_module)
|
||||
@ -470,6 +471,9 @@ class DsInstance(service.Service):
|
||||
def __add_referint_module(self):
|
||||
self._ldap_mod("referint-conf.ldif")
|
||||
|
||||
def __disable_betxn(self):
|
||||
self._ldap_mod("disable-betxn.ldif", self.sub_dict)
|
||||
|
||||
def __set_unique_attrs(self):
|
||||
self._ldap_mod("unique-attributes.ldif", self.sub_dict)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user