Add schema updater based on IPA schema files

The new updater is run as part of `ipa-ldap-updater --upgrade` and `ipa-ldap-updater --schema` (--schema is a new option). The --schema-file option to ipa-ldap-updater may be used (multiple times) to select a non-default set of schema files to update against. The updater adds an X-ORIGIN tag with the current IPA version to all elements it adds or modifies. https://fedorahosted.org/freeipa/ticket/3454
2025-02-25 18:55:28 -06:00 · 2013-04-26 15:21:35 +02:00
parent 9e79d2bc5e
commit f52d471aa7
4 changed files with 180 additions and 5 deletions
--- a/ipapython/ipaldap.py
+++ b/ipapython/ipaldap.py
@@ -1768,6 +1768,12 @@ class LDAPClient(object):
                    if not force_replace:
                        modlist.append((ldap.MOD_DELETE, k, rems))

+        # Usually the modlist order does not matter.
+        # However, for schema updates, we want 'attributetypes' before
+        # 'objectclasses'.
+        # A simple sort will ensure this.
+        modlist.sort(key=lambda m: m[1].lower())
+
        return modlist

    def update_entry(self, entry, entry_attrs=None):