Explicitly disable betxn plugins for the time being.

This should work with 389-ds-base 1.2.x and 1.3.0.

Without other plugin changes 389-ds-base can deadlock.

https://fedorahosted.org/freeipa/ticket/3046
This commit is contained in:
Rob Crittenden 2012-10-10 22:41:02 -04:00
parent a51b65d9d4
commit ea4f60b15a
5 changed files with 104 additions and 0 deletions

View File

@ -18,6 +18,7 @@ app_DATA = \
default-hbac.ldif \
default-smb-group.ldif \
delegation.ldif \
disable-betxn.ldif \
replica-acis.ldif \
ds-nfiles.ldif \
dns.ldif \

View File

@ -0,0 +1,61 @@
# Disable transactions in 389-ds-base
dn: cn=7-bit check,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginType
nsslapd-pluginType: preoperation
dn: cn=attribute uniqueness,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginType
nsslapd-pluginType: preoperation
dn: cn=Auto Membership Plugin,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginType
nsslapd-pluginType: preoperation
dn: cn=Linked Attributes,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginType
nsslapd-pluginType: preoperation
dn: cn=Managed Entries,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginType
nsslapd-pluginType: preoperation
dn: cn=MemberOf Plugin,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginType
nsslapd-pluginType: postoperation
dn: cn=Multimaster Replication Plugin,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginbetxn
nsslapd-pluginbetxn: off
dn: cn=PAM Pass Through Auth,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginType
nsslapd-pluginType: preoperation
dn: cn=referential integrity postoperation,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginType
nsslapd-pluginType: postoperation
dn: cn=Roles Plugin,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginbetxn
nsslapd-pluginbetxn: off
dn: cn=State Change Plugin,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginType
nsslapd-pluginType: postoperation
dn: cn=USN,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginbetxn
nsslapd-pluginbetxn: off

View File

@ -0,0 +1,37 @@
# Disable transactions in 389-ds-base
dn: cn=7-bit check,cn=plugins,cn=config
only: nsslapd-pluginType: preoperation
dn: cn=attribute uniqueness,cn=plugins,cn=config
only: nsslapd-pluginType: preoperation
dn: cn=Auto Membership Plugin,cn=plugins,cn=config
only: nsslapd-pluginType: preoperation
dn: cn=Linked Attributes,cn=plugins,cn=config
only: nsslapd-pluginType: preoperation
dn: cn=Managed Entries,cn=plugins,cn=config
only: nsslapd-pluginType: preoperation
dn: cn=MemberOf Plugin,cn=plugins,cn=config
only: nsslapd-pluginType: postoperation
dn: cn=Multimaster Replication Plugin,cn=plugins,cn=config
only: nsslapd-pluginbetxn: off
dn: cn=PAM Pass Through Auth,cn=plugins,cn=config
only: nsslapd-pluginType: preoperation
dn: cn=referential integrity postoperation,cn=plugins,cn=config
only: nsslapd-pluginType: postoperation
dn: cn=Roles Plugin,cn=plugins,cn=config
only: nsslapd-pluginbetxn: off
dn: cn=State Change Plugin,cn=plugins,cn=config
only: nsslapd-pluginType: postoperation
dn: cn=USN,cn=plugins,cn=config
only: nsslapd-pluginbetxn: off

View File

@ -7,6 +7,7 @@ app_DATA = \
10-RFC2307bis.update \
10-RFC4876.update \
10-config.update \
10-disable-betxn.update \
10-selinuxusermap.update \
10-sudo.update \
10-ssh.update \

View File

@ -197,6 +197,7 @@ class DsInstance(service.Service):
self.step("configuring replication version plugin", self.__config_version_module)
self.step("enabling IPA enrollment plugin", self.__add_enrollment_module)
self.step("enabling ldapi", self.__enable_ldapi)
self.step("disabling betxn plugins", self.__disable_betxn)
self.step("configuring uniqueness plugin", self.__set_unique_attrs)
self.step("configuring uuid plugin", self.__config_uuid_module)
self.step("configuring modrdn plugin", self.__config_modrdn_module)
@ -470,6 +471,9 @@ class DsInstance(service.Service):
def __add_referint_module(self):
self._ldap_mod("referint-conf.ldif")
def __disable_betxn(self):
self._ldap_mod("disable-betxn.ldif", self.sub_dict)
def __set_unique_attrs(self):
self._ldap_mod("unique-attributes.ldif", self.sub_dict)