freeipa/install
Thierry bordaz (tbordaz) a56a6aff88 Deadlock in schema compat plugin (between automember_update_membership task and dse update)
Defining schema-compat-ignore-subtree values for schema compat plugin config entries removes the
	default value (ignore: cn=tasks,cn=config). This default value prevented deadlocks.
	Schema plugin needs to scope the $SUFFIX and also any updates to its configuration.
	This change restrict the schema compat to those subtrees. It replaces the definition of ignored subtrees
	that would be too long for cn=config (tasks, mapping tree, replication, snmp..)

https://fedorahosted.org/freeipa/ticket/4635

Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2014-11-06 10:53:39 +01:00
..
certmonger ipaplatform: Move paths from installers to paths module 2014-06-26 09:22:21 +02:00
conf Add /session/token_sync POST support 2014-06-26 15:55:24 +02:00
ffextension Kerberos authentication extension makefiles 2012-10-04 18:07:34 -04:00
html webui: remove remnants of jquery-ui 2014-06-10 10:23:22 +02:00
migration ipaplatform: Move all filesystem paths to ipaplatform.paths module 2014-06-16 19:48:20 +02:00
po Update translations 2014-07-07 16:05:21 +02:00
restart_scripts ipaplatform: Remove redundant imports of ipaservices 2014-06-16 19:48:20 +02:00
share Update referential integrity config for DS 1.3.3 2014-09-12 17:42:08 +02:00
tools Do not check if port 8443 is available in step 2 of external CA install 2014-10-22 14:19:07 +02:00
ui webui: extract complex pkey on Add and Edit 2014-09-05 15:10:47 +02:00
updates Deadlock in schema compat plugin (between automember_update_membership task and dse update) 2014-11-06 10:53:39 +01:00
wsgi ipaplatform: Move all filesystem paths to ipaplatform.paths module 2014-06-16 19:48:20 +02:00
configure.ac RCUE initial commit 2014-01-21 12:04:02 +01:00
Makefile.am Change group ownership of CRL publish directory 2013-07-16 12:17:40 +02:00
README.schema Add some basic rules for adding new schema 2010-08-27 13:40:37 -04:00

Ground rules on adding new schema

Brand new schema, particularly when written specifically for IPA, should be
added in share/*.ldif. Any new files need to be explicitly loaded in
ipaserver/install/dsinstance.py. These simply get copied directly into
the new instance schema directory.

Existing schema (e.g. in an LDAP draft) may either be added as a separate
ldif in share or as an update in the updates directory. The advantage of
adding the schema as an update is if 389-ds ever adds the schema then the
installation won't fail due to existing schema failing to load during
bootstrap.

If the new schema requires a new container then this should be added
to install/bootstrap-template.ldif.