Branch '389-ds-base-1.3.3' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/ldbm_add.c | 59 +++++++++++++++++++++++---------
1 file changed, 43 insertions(+), 16 deletions(-)
New commits:
commit 78fdd6165cb2c9da4e30452ebdcdcf7aad3d30c7
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Sep 8 14:29:29 2014 -0700
Ticket #47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted.
Description: Previous fix for the ticket #47834 broke the CI test case
47815.
The fix for 47815 removed the addingentry from the entry cache if
SLAPI_PLUGIN_BE_TXN_POST_ADD_FN failed. The #47834 patch accidentally
deleted the code.
Instead of adding it back, this patch moves the deletion of the entry
from the entry cache to cover both cases SLAPI_PLUGIN_BE_TXN_POST_ADD
_FN successes or fails.
https://fedorahosted.org/389/ticket/47834
Reviewed by mreynolds(a)redhat.com (Thank you, Mark!!)
(cherry picked from commit 7db4fa90caa543b59352046138f453236c0fd652)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
index 2f1b398..b74154a 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
@@ -1209,21 +1209,6 @@ error_return:
{
next_id_return( be, addingentry->ep_id );
}
- if ( addingentry )
- {
- if (inst && cache_is_in_cache(&inst->inst_cache, addingentry)) {
- CACHE_REMOVE(&inst->inst_cache, addingentry);
- /* tell frontend not to free this entry */
- slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL);
- }
- else if (!cache_has_otherref(&inst->inst_cache, addingentry))
- {
- if (!is_resurect_operation) { /* if resurect, tombstoneentry is dupped. */
- backentry_clear_entry(addingentry); /* e is released in the frontend */
- }
- }
- CACHE_RETURN( &inst->inst_cache, &addingentry );
- }
if (rc == DB_RUNRECOVERY) {
dblayer_remember_disk_filled(li);
ldbm_nasty("Add",80,rc);
@@ -1244,6 +1229,20 @@ error_return:
}
diskfull_return:
if (disk_full) {
+ if ( addingentry ) {
+ if (inst && cache_is_in_cache(&inst->inst_cache, addingentry)) {
+ CACHE_REMOVE(&inst->inst_cache, addingentry);
+ /* tell frontend not to free this entry */
+ slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL);
+ }
+ else if (!cache_has_otherref(&inst->inst_cache, addingentry))
+ {
+ if (!is_resurect_operation) { /* if resurect, tombstoneentry is dupped. */
+ backentry_clear_entry(addingentry); /* e is released in the frontend */
+ }
+ }
+ CACHE_RETURN( &inst->inst_cache, &addingentry );
+ }
rc = return_on_disk_full(li);
} else {
/* It is safer not to abort when the transaction is not started. */
@@ -1277,13 +1276,41 @@ diskfull_return:
}
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
}
-
+ if ( addingentry ) {
+ if (inst && cache_is_in_cache(&inst->inst_cache, addingentry)) {
+ CACHE_REMOVE(&inst->inst_cache, addingentry);
+ /* tell frontend not to free this entry */
+ slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL);
+ }
+ else if (!cache_has_otherref(&inst->inst_cache, addingentry))
+ {
+ if (!is_resurect_operation) { /* if resurect, tombstoneentry is dupped. */
+ backentry_clear_entry(addingentry); /* e is released in the frontend */
+ }
+ }
+ CACHE_RETURN( &inst->inst_cache, &addingentry );
+ }
/* Release SERIAL LOCK */
if (!noabort) {
dblayer_txn_abort(be, &txn); /* abort crashes in case disk full */
}
/* txn is no longer valid - reset the txn pointer to the parent */
slapi_pblock_set(pb, SLAPI_TXN, parent_txn);
+ } else {
+ if ( addingentry ) {
+ if (inst && cache_is_in_cache(&inst->inst_cache, addingentry)) {
+ CACHE_REMOVE(&inst->inst_cache, addingentry);
+ /* tell frontend not to free this entry */
+ slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL);
+ }
+ else if (!cache_has_otherref(&inst->inst_cache, addingentry))
+ {
+ if (!is_resurect_operation) { /* if resurect, tombstoneentry is dupped. */
+ backentry_clear_entry(addingentry); /* e is released in the frontend */
+ }
+ }
+ CACHE_RETURN( &inst->inst_cache, &addingentry );
+ }
}
if (!not_an_error) {
rc = SLAPI_FAIL_GENERAL;
9 years, 7 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/ldbm_add.c | 59 +++++++++++++++++++++++---------
1 file changed, 43 insertions(+), 16 deletions(-)
New commits:
commit 7db4fa90caa543b59352046138f453236c0fd652
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Sep 8 14:29:29 2014 -0700
Ticket #47834 - Tombstone_to_glue: if parents are also converted to glue, the target entry's DN must be adjusted.
Description: Previous fix for the ticket #47834 broke the CI test case
47815.
The fix for 47815 removed the addingentry from the entry cache if
SLAPI_PLUGIN_BE_TXN_POST_ADD_FN failed. The #47834 patch accidentally
deleted the code.
Instead of adding it back, this patch moves the deletion of the entry
from the entry cache to cover both cases SLAPI_PLUGIN_BE_TXN_POST_ADD
_FN successes or fails.
https://fedorahosted.org/389/ticket/47834
Reviewed by mreynolds(a)redhat.com (Thank you, Mark!!)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
index 2f1b398..b74154a 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
@@ -1209,21 +1209,6 @@ error_return:
{
next_id_return( be, addingentry->ep_id );
}
- if ( addingentry )
- {
- if (inst && cache_is_in_cache(&inst->inst_cache, addingentry)) {
- CACHE_REMOVE(&inst->inst_cache, addingentry);
- /* tell frontend not to free this entry */
- slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL);
- }
- else if (!cache_has_otherref(&inst->inst_cache, addingentry))
- {
- if (!is_resurect_operation) { /* if resurect, tombstoneentry is dupped. */
- backentry_clear_entry(addingentry); /* e is released in the frontend */
- }
- }
- CACHE_RETURN( &inst->inst_cache, &addingentry );
- }
if (rc == DB_RUNRECOVERY) {
dblayer_remember_disk_filled(li);
ldbm_nasty("Add",80,rc);
@@ -1244,6 +1229,20 @@ error_return:
}
diskfull_return:
if (disk_full) {
+ if ( addingentry ) {
+ if (inst && cache_is_in_cache(&inst->inst_cache, addingentry)) {
+ CACHE_REMOVE(&inst->inst_cache, addingentry);
+ /* tell frontend not to free this entry */
+ slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL);
+ }
+ else if (!cache_has_otherref(&inst->inst_cache, addingentry))
+ {
+ if (!is_resurect_operation) { /* if resurect, tombstoneentry is dupped. */
+ backentry_clear_entry(addingentry); /* e is released in the frontend */
+ }
+ }
+ CACHE_RETURN( &inst->inst_cache, &addingentry );
+ }
rc = return_on_disk_full(li);
} else {
/* It is safer not to abort when the transaction is not started. */
@@ -1277,13 +1276,41 @@ diskfull_return:
}
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
}
-
+ if ( addingentry ) {
+ if (inst && cache_is_in_cache(&inst->inst_cache, addingentry)) {
+ CACHE_REMOVE(&inst->inst_cache, addingentry);
+ /* tell frontend not to free this entry */
+ slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL);
+ }
+ else if (!cache_has_otherref(&inst->inst_cache, addingentry))
+ {
+ if (!is_resurect_operation) { /* if resurect, tombstoneentry is dupped. */
+ backentry_clear_entry(addingentry); /* e is released in the frontend */
+ }
+ }
+ CACHE_RETURN( &inst->inst_cache, &addingentry );
+ }
/* Release SERIAL LOCK */
if (!noabort) {
dblayer_txn_abort(be, &txn); /* abort crashes in case disk full */
}
/* txn is no longer valid - reset the txn pointer to the parent */
slapi_pblock_set(pb, SLAPI_TXN, parent_txn);
+ } else {
+ if ( addingentry ) {
+ if (inst && cache_is_in_cache(&inst->inst_cache, addingentry)) {
+ CACHE_REMOVE(&inst->inst_cache, addingentry);
+ /* tell frontend not to free this entry */
+ slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL);
+ }
+ else if (!cache_has_otherref(&inst->inst_cache, addingentry))
+ {
+ if (!is_resurect_operation) { /* if resurect, tombstoneentry is dupped. */
+ backentry_clear_entry(addingentry); /* e is released in the frontend */
+ }
+ }
+ CACHE_RETURN( &inst->inst_cache, &addingentry );
+ }
}
if (!not_an_error) {
rc = SLAPI_FAIL_GENERAL;
9 years, 7 months
Branch '389-ds-base-1.2.11' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/bind.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
New commits:
commit aa935c9a9297ab22d3c7fc17381e735521d9cd03
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Sep 9 12:45:58 2014 -0700
Ticket #47748 - Simultaneous adding a user and binding as the user could fail in the password policy check
Description: commit 4fc53e1a63222d0ff67c30a59f2cff4b535f90a8 fix for
Ticket #47748 introduced a bug: "Simple bind hangs after enabling
password policy".
In do_bind, slapi_check_account_lock and need_new_pw overwrote the
return code from backend bind which is used later. This patch fixes
it not to override the return code.
https://fedorahosted.org/389/ticket/47748
Reviewed by mreynolds(a)redhat.com (Thank you, Mark!!)
(cherry picked from commit 4f11606b02419c8ccdb319b8040e683af9109d1b)
(cherry picked from commit 8c82941c0f2b0b5d7fa698a1ca3e4f26245cf85a)
(cherry picked from commit 5b6d60ec4d3d93d1d69f6a071ce135a06f4c8cfd)
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c
index 92d7965..edb36c4 100644
--- a/ldap/servers/slapd/bind.c
+++ b/ldap/servers/slapd/bind.c
@@ -769,6 +769,7 @@ do_bind( Slapi_PBlock *pb )
}
if ( rc == SLAPI_BIND_SUCCESS ) {
+ int myrc = 0;
if (!auto_bind) {
/*
* There could be a race that bind_target_entry was not added
@@ -779,9 +780,9 @@ do_bind( Slapi_PBlock *pb )
if (!bind_target_entry) {
bind_target_entry = get_entry(pb, slapi_sdn_get_ndn(sdn));
if (bind_target_entry) {
- rc = slapi_check_account_lock(pb, bind_target_entry,
+ myrc = slapi_check_account_lock(pb, bind_target_entry,
pw_response_requested, 1, 1);
- if (1 == rc) { /* account is locked */
+ if (1 == myrc) { /* account is locked */
goto account_locked;
}
} else {
@@ -795,8 +796,8 @@ do_bind( Slapi_PBlock *pb )
if (!slapi_be_is_flag_set(be, SLAPI_BE_FLAG_REMOTE_DATA)) {
/* check if need new password before sending
the bind success result */
- rc = need_new_pw(pb, &t, bind_target_entry, pw_response_requested);
- switch (rc) {
+ myrc = need_new_pw(pb, &t, bind_target_entry, pw_response_requested);
+ switch (myrc) {
case 1:
(void)slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0);
break;
@@ -811,8 +812,8 @@ do_bind( Slapi_PBlock *pb )
if (auth_response_requested) {
slapi_add_auth_response_control(pb, slapi_sdn_get_ndn(sdn));
}
- if (-1 == rc) {
- /* neeed_new_pw failed; need_new_pw already send_ldap_result in it. */
+ if (-1 == myrc) {
+ /* need_new_pw failed; need_new_pw already send_ldap_result in it. */
goto free_and_return;
}
} else { /* anonymous */
9 years, 7 months
Branch '389-ds-base-1.3.2' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/bind.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
New commits:
commit 5b6d60ec4d3d93d1d69f6a071ce135a06f4c8cfd
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Sep 9 12:45:58 2014 -0700
Ticket #47748 - Simultaneous adding a user and binding as the user could fail in the password policy check
Description: commit 4fc53e1a63222d0ff67c30a59f2cff4b535f90a8 fix for
Ticket #47748 introduced a bug: "Simple bind hangs after enabling
password policy".
In do_bind, slapi_check_account_lock and need_new_pw overwrote the
return code from backend bind which is used later. This patch fixes
it not to override the return code.
https://fedorahosted.org/389/ticket/47748
Reviewed by mreynolds(a)redhat.com (Thank you, Mark!!)
(cherry picked from commit 4f11606b02419c8ccdb319b8040e683af9109d1b)
(cherry picked from commit 8c82941c0f2b0b5d7fa698a1ca3e4f26245cf85a)
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c
index 58a4e13..bc4aa24 100644
--- a/ldap/servers/slapd/bind.c
+++ b/ldap/servers/slapd/bind.c
@@ -769,6 +769,7 @@ do_bind( Slapi_PBlock *pb )
}
if ( rc == SLAPI_BIND_SUCCESS ) {
+ int myrc = 0;
if (!auto_bind) {
/*
* There could be a race that bind_target_entry was not added
@@ -779,9 +780,9 @@ do_bind( Slapi_PBlock *pb )
if (!bind_target_entry) {
bind_target_entry = get_entry(pb, slapi_sdn_get_ndn(sdn));
if (bind_target_entry) {
- rc = slapi_check_account_lock(pb, bind_target_entry,
+ myrc = slapi_check_account_lock(pb, bind_target_entry,
pw_response_requested, 1, 1);
- if (1 == rc) { /* account is locked */
+ if (1 == myrc) { /* account is locked */
goto account_locked;
}
} else {
@@ -795,8 +796,8 @@ do_bind( Slapi_PBlock *pb )
if (!slapi_be_is_flag_set(be, SLAPI_BE_FLAG_REMOTE_DATA)) {
/* check if need new password before sending
the bind success result */
- rc = need_new_pw(pb, &t, bind_target_entry, pw_response_requested);
- switch (rc) {
+ myrc = need_new_pw(pb, &t, bind_target_entry, pw_response_requested);
+ switch (myrc) {
case 1:
(void)slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0);
break;
@@ -811,8 +812,8 @@ do_bind( Slapi_PBlock *pb )
if (auth_response_requested) {
slapi_add_auth_response_control(pb, slapi_sdn_get_ndn(sdn));
}
- if (-1 == rc) {
- /* neeed_new_pw failed; need_new_pw already send_ldap_result in it. */
+ if (-1 == myrc) {
+ /* need_new_pw failed; need_new_pw already send_ldap_result in it. */
goto free_and_return;
}
} else { /* anonymous */
9 years, 7 months
Branch '389-ds-base-1.3.3' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/bind.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
New commits:
commit 8c82941c0f2b0b5d7fa698a1ca3e4f26245cf85a
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Sep 9 12:45:58 2014 -0700
Ticket #47748 - Simultaneous adding a user and binding as the user could fail in the password policy check
Description: commit 4fc53e1a63222d0ff67c30a59f2cff4b535f90a8 fix for
Ticket #47748 introduced a bug: "Simple bind hangs after enabling
password policy".
In do_bind, slapi_check_account_lock and need_new_pw overwrote the
return code from backend bind which is used later. This patch fixes
it not to override the return code.
https://fedorahosted.org/389/ticket/47748
Reviewed by mreynolds(a)redhat.com (Thank you, Mark!!)
(cherry picked from commit 4f11606b02419c8ccdb319b8040e683af9109d1b)
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c
index 58a4e13..bc4aa24 100644
--- a/ldap/servers/slapd/bind.c
+++ b/ldap/servers/slapd/bind.c
@@ -769,6 +769,7 @@ do_bind( Slapi_PBlock *pb )
}
if ( rc == SLAPI_BIND_SUCCESS ) {
+ int myrc = 0;
if (!auto_bind) {
/*
* There could be a race that bind_target_entry was not added
@@ -779,9 +780,9 @@ do_bind( Slapi_PBlock *pb )
if (!bind_target_entry) {
bind_target_entry = get_entry(pb, slapi_sdn_get_ndn(sdn));
if (bind_target_entry) {
- rc = slapi_check_account_lock(pb, bind_target_entry,
+ myrc = slapi_check_account_lock(pb, bind_target_entry,
pw_response_requested, 1, 1);
- if (1 == rc) { /* account is locked */
+ if (1 == myrc) { /* account is locked */
goto account_locked;
}
} else {
@@ -795,8 +796,8 @@ do_bind( Slapi_PBlock *pb )
if (!slapi_be_is_flag_set(be, SLAPI_BE_FLAG_REMOTE_DATA)) {
/* check if need new password before sending
the bind success result */
- rc = need_new_pw(pb, &t, bind_target_entry, pw_response_requested);
- switch (rc) {
+ myrc = need_new_pw(pb, &t, bind_target_entry, pw_response_requested);
+ switch (myrc) {
case 1:
(void)slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0);
break;
@@ -811,8 +812,8 @@ do_bind( Slapi_PBlock *pb )
if (auth_response_requested) {
slapi_add_auth_response_control(pb, slapi_sdn_get_ndn(sdn));
}
- if (-1 == rc) {
- /* neeed_new_pw failed; need_new_pw already send_ldap_result in it. */
+ if (-1 == myrc) {
+ /* need_new_pw failed; need_new_pw already send_ldap_result in it. */
goto free_and_return;
}
} else { /* anonymous */
9 years, 7 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/bind.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
New commits:
commit 4f11606b02419c8ccdb319b8040e683af9109d1b
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Sep 9 12:45:58 2014 -0700
Ticket #47748 - Simultaneous adding a user and binding as the user could fail in the password policy check
Description: commit 4fc53e1a63222d0ff67c30a59f2cff4b535f90a8 fix for
Ticket #47748 introduced a bug: "Simple bind hangs after enabling
password policy".
In do_bind, slapi_check_account_lock and need_new_pw overwrote the
return code from backend bind which is used later. This patch fixes
it not to override the return code.
https://fedorahosted.org/389/ticket/47748
Reviewed by mreynolds(a)redhat.com (Thank you, Mark!!)
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c
index 58a4e13..bc4aa24 100644
--- a/ldap/servers/slapd/bind.c
+++ b/ldap/servers/slapd/bind.c
@@ -769,6 +769,7 @@ do_bind( Slapi_PBlock *pb )
}
if ( rc == SLAPI_BIND_SUCCESS ) {
+ int myrc = 0;
if (!auto_bind) {
/*
* There could be a race that bind_target_entry was not added
@@ -779,9 +780,9 @@ do_bind( Slapi_PBlock *pb )
if (!bind_target_entry) {
bind_target_entry = get_entry(pb, slapi_sdn_get_ndn(sdn));
if (bind_target_entry) {
- rc = slapi_check_account_lock(pb, bind_target_entry,
+ myrc = slapi_check_account_lock(pb, bind_target_entry,
pw_response_requested, 1, 1);
- if (1 == rc) { /* account is locked */
+ if (1 == myrc) { /* account is locked */
goto account_locked;
}
} else {
@@ -795,8 +796,8 @@ do_bind( Slapi_PBlock *pb )
if (!slapi_be_is_flag_set(be, SLAPI_BE_FLAG_REMOTE_DATA)) {
/* check if need new password before sending
the bind success result */
- rc = need_new_pw(pb, &t, bind_target_entry, pw_response_requested);
- switch (rc) {
+ myrc = need_new_pw(pb, &t, bind_target_entry, pw_response_requested);
+ switch (myrc) {
case 1:
(void)slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0);
break;
@@ -811,8 +812,8 @@ do_bind( Slapi_PBlock *pb )
if (auth_response_requested) {
slapi_add_auth_response_control(pb, slapi_sdn_get_ndn(sdn));
}
- if (-1 == rc) {
- /* neeed_new_pw failed; need_new_pw already send_ldap_result in it. */
+ if (-1 == myrc) {
+ /* need_new_pw failed; need_new_pw already send_ldap_result in it. */
goto free_and_return;
}
} else { /* anonymous */
9 years, 7 months
admserv/newinst
by Mark Reynolds
admserv/newinst/src/ConfigDSDialogs.pm | 12 ++++++------
admserv/newinst/src/register-ds-admin.pl.in | 4 ++--
admserv/newinst/src/register_param.map.in | 4 ++--
admserv/newinst/src/register_server.pl.in | 6 ++++--
admserv/newinst/src/setup-ds-admin.pl.in | 6 +++---
5 files changed, 17 insertions(+), 15 deletions(-)
New commits:
commit cab7571b69c050ca4ed1768ab1c05276a72523d1
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Mon Sep 8 19:05:58 2014 -0400
Ticket 47893 - Admin Server should use Sys::Hostname instead Net::Domain
Bug Description: hostfqdn function does not always return the correct fqdn.
Sometimes it incorrectly adds ".com" when it should not.
Fix Description: Use Sys::Hostname/hostname() which does return the correct
fqdn.
https://fedorahosted.org/389/ticket/47893
Reviewed by: rmeggins(Thanks!)
diff --git a/admserv/newinst/src/ConfigDSDialogs.pm b/admserv/newinst/src/ConfigDSDialogs.pm
index 3501870..f168825 100644
--- a/admserv/newinst/src/ConfigDSDialogs.pm
+++ b/admserv/newinst/src/ConfigDSDialogs.pm
@@ -20,7 +20,7 @@ package ConfigDSDialogs;
use strict;
-use Net::Domain qw(hostfqdn);
+use Sys::Hostname;
use DialogManager;
use Setup;
use Dialog;
@@ -74,7 +74,7 @@ my $configdsinfo = new Dialog (
my $url = $self->{manager}->{inf}->{General}->{ConfigDirectoryLdapURL};
if (!defined($url)) {
my $host = $self->{manager}->{inf}->{General}->{FullMachineName} ||
- hostfqdn;
+ hostname();
my $port = $self->{manager}->{inf}->{slapd}->{ServerPort} || 389;
if (!portAvailable($port)) {
$port = getAvailablePort();
@@ -92,7 +92,7 @@ my $configdsinfo = new Dialog (
my $admindomain = $self->{manager}->{inf}->{General}->{AdminDomain};
if (!defined($admindomain)) {
$admindomain = $self->{manager}->{inf}->{General}->{FullMachineName} ||
- hostfqdn;
+ hostname();
$admindomain =~ s/^[^\.]*\.//; # just the domain part
}
return $admindomain;
@@ -177,7 +177,7 @@ my $regconfigdsinfo = new Dialog (
my $url = $self->{manager}->{inf}->{General}->{ConfigDirectoryLdapURL};
if (!defined($url)) {
my $host = $self->{manager}->{inf}->{General}->{FullMachineName} ||
- hostfqdn;
+ hostname();
my $port = $self->{manager}->{inf}->{slapd}->{ServerPort} || 389;
if (!portAvailable($port)) {
$port = getAvailablePort();
@@ -195,7 +195,7 @@ my $regconfigdsinfo = new Dialog (
my $admindomain = $self->{manager}->{inf}->{General}->{AdminDomain};
if (!defined($admindomain)) {
$admindomain = $self->{manager}->{inf}->{General}->{FullMachineName} ||
- hostfqdn;
+ hostname();
$admindomain =~ s/^[^\.]*\.//; # just the domain part
}
return $admindomain;
@@ -339,7 +339,7 @@ my $configdsadmindomain = new Dialog (
my $admindomain = $self->{manager}->{inf}->{General}->{AdminDomain};
if (!defined($admindomain)) {
$admindomain = $self->{manager}->{inf}->{General}->{FullMachineName} ||
- hostfqdn;
+ hostname();
$admindomain =~ s/^[^\.]*\.//; # just the domain part
}
return $admindomain;
diff --git a/admserv/newinst/src/register-ds-admin.pl.in b/admserv/newinst/src/register-ds-admin.pl.in
index 45ca806..2f92411 100644
--- a/admserv/newinst/src/register-ds-admin.pl.in
+++ b/admserv/newinst/src/register-ds-admin.pl.in
@@ -42,7 +42,7 @@ use lib qw(@perlpath@);
use strict;
use File::Basename;
-use Net::Domain qw(hostfqdn);
+use Sys::Hostname;
# Admin Setup modules
use AdminUtil;
@@ -220,7 +220,7 @@ my $new_confdsid = "";
my $new_confdir = "";
my $adminuid = "";
my @errs = ();
-my $fqdn = hostfqdn();
+my $fqdn = hostname();
# set defaults
if ( $#admConfKeys >= 4 ) # admserv.conf, console.conf, httpd.conf, nss.conf
diff --git a/admserv/newinst/src/register_param.map.in b/admserv/newinst/src/register_param.map.in
index cd13c61..1084e94 100644
--- a/admserv/newinst/src/register_param.map.in
+++ b/admserv/newinst/src/register_param.map.in
@@ -36,8 +36,8 @@
# * The right-hand value can contain variables surrounded by % (e.g., %asid%)
# which refers the right-hand value (key) of this map file.
#
-fqdn = `use Net::Domain qw(hostfqdn); $returnvalue = hostfqdn();`
-domain = `use Net::Domain qw(hostdomain); $returnvalue = hostdomain();`
+fqdn = `use Sys::Hostname; $returnvalue = hostname();`
+domain = `use Sys::Hostname; $fqdn = hostname(); $fqdn =~ /(.+?)(?=\.)/; $fqdn =~ s/$1\.//; $returnvalue = $fqdn;`
brand = Brand
normbrand = NormBrand
hostname = `$returnvalue = $mapper->{fqdn}; $returnvalue =~ s/\..*$//;`
diff --git a/admserv/newinst/src/register_server.pl.in b/admserv/newinst/src/register_server.pl.in
index 7ab6cf9..eac6337 100644
--- a/admserv/newinst/src/register_server.pl.in
+++ b/admserv/newinst/src/register_server.pl.in
@@ -37,9 +37,11 @@
use lib qw(@perlpath@);
use Getopt::Std;
-use Net::Domain qw(hostname hostfqdn);
+use Sys::Hostname;
+
# PERLDAP modules
use Mozilla::LDAP::Conn;
+
# Setup Inf module
use Inf;
use DSUtil;
@@ -78,7 +80,7 @@ $confds_fresh = $opt_F;
$confds_host = $opt_h;
if ( "" eq $confds_host )
{
- $confds_host = hostfqdn();
+ $confds_host = hostname();
}
$confds_port = $opt_p;
if ( "" eq $confds_port )
diff --git a/admserv/newinst/src/setup-ds-admin.pl.in b/admserv/newinst/src/setup-ds-admin.pl.in
index edb0f2d..3436f37 100644
--- a/admserv/newinst/src/setup-ds-admin.pl.in
+++ b/admserv/newinst/src/setup-ds-admin.pl.in
@@ -31,7 +31,7 @@ use DSUpdate;
use AdminUtil;
use AdminServer;
use DSUtil;
-use Net::Domain qw(hostfqdn);
+use Sys::Hostname;
my $res = new Resource("@propertydir(a)/setup-ds.res",
"@propertydir(a)/setup-ds-admin.res");
@@ -164,7 +164,7 @@ if (!$setup->{silent}) {
# set default values
if (!defined($setup->{inf}->{General}->{FullMachineName})) {
- $setup->{inf}->{General}->{FullMachineName} = hostfqdn;
+ $setup->{inf}->{General}->{FullMachineName} = hostname();
}
if (!defined($setup->{inf}->{slapd}->{ServerPort})) {
@@ -195,7 +195,7 @@ if (!defined($setup->{inf}->{General}->{ConfigDirectoryAdminID})) {
if (!defined($setup->{inf}->{General}->{AdminDomain})) {
my $admindomain = $setup->{inf}->{General}->{FullMachineName} ||
- hostfqdn;
+ hostname();
$admindomain =~ s/^[^\.]*\.//; # just the domain part
$setup->{inf}->{General}->{AdminDomain} = $admindomain;
}
9 years, 7 months
ldap/admin
by Mark Reynolds
ldap/admin/src/scripts/DSCreate.pm.in | 4 ++--
ldap/admin/src/scripts/DSDialogs.pm | 6 +++---
ldap/admin/src/scripts/Migration.pm.in | 2 +-
ldap/admin/src/scripts/Setup.pm.in | 2 +-
ldap/admin/src/scripts/SetupDialogs.pm.in | 4 ++--
5 files changed, 9 insertions(+), 9 deletions(-)
New commits:
commit f5a0f6ac89f87d7e559b1d5c042cac9a921ea16b
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Mon Sep 8 19:19:38 2014 -0400
Ticket 47893 - should use Sys::Hostname instead Net::Domain
Bug Description: hostfqdn function does not always return the correct fqdn.
Sometimes it incorrectly adds ".com" when it should not.
Fix Description: Use Sys::Hostname/hostname() which does return the correct
fqdn.
https://fedorahosted.org/389/ticket/47893
Reviewed by: rmeggins(Thanks!)
diff --git a/ldap/admin/src/scripts/DSCreate.pm.in b/ldap/admin/src/scripts/DSCreate.pm.in
index 58408c1..2756b85 100644
--- a/ldap/admin/src/scripts/DSCreate.pm.in
+++ b/ldap/admin/src/scripts/DSCreate.pm.in
@@ -48,7 +48,7 @@ use DSUtil;
use Inf;
use FileConn;
-use Net::Domain qw(hostfqdn);
+use Sys::Hostname;
# tempfiles
use File::Temp qw(tempfile tempdir);
use File::Path;
@@ -820,7 +820,7 @@ sub setDefaults {
}
if (!$inf->{General}->{FullMachineName}) {
- $inf->{General}->{FullMachineName} = hostfqdn;
+ $inf->{General}->{FullMachineName} = hostname();
}
if (!$inf->{General}->{SuiteSpotUserID}) {
diff --git a/ldap/admin/src/scripts/DSDialogs.pm b/ldap/admin/src/scripts/DSDialogs.pm
index 00765e0..3cc8754 100644
--- a/ldap/admin/src/scripts/DSDialogs.pm
+++ b/ldap/admin/src/scripts/DSDialogs.pm
@@ -40,7 +40,7 @@ package DSDialogs;
use strict;
-use Net::Domain qw(hostname hostfqdn);
+use Sys::Hostname;
use DialogManager;
use Setup;
use Dialog;
@@ -86,7 +86,7 @@ my $dsserverid = new Dialog (
if (!defined($serverid)) {
$serverid = $self->{manager}->{inf}->{General}->{FullMachineName};
if (!defined($serverid)) {
- $serverid = hostfqdn;
+ $serverid = hostname();
}
# strip out the leftmost domain component
$serverid =~ s/\..*$//;
@@ -124,7 +124,7 @@ my $dssuffix = new Dialog (
if (!defined($suffix)) {
$suffix = $self->{manager}->{inf}->{General}->{FullMachineName};
if (!defined($suffix)) {
- $suffix = hostfqdn;
+ $suffix = hostname();
}
$suffix =~ s/^[^\.]*\.//; # just the domain part
# convert fqdn to dc= domain components
diff --git a/ldap/admin/src/scripts/Migration.pm.in b/ldap/admin/src/scripts/Migration.pm.in
index 42a92c1..0f0968a 100644
--- a/ldap/admin/src/scripts/Migration.pm.in
+++ b/ldap/admin/src/scripts/Migration.pm.in
@@ -55,7 +55,7 @@ use Exporter ();
@EXPORT_OK = qw();
# hostname
-use Net::Domain qw(hostfqdn);
+use Sys::Hostname;
# load perldap
use Mozilla::LDAP::Conn;
diff --git a/ldap/admin/src/scripts/Setup.pm.in b/ldap/admin/src/scripts/Setup.pm.in
index e154367..51f7710 100644
--- a/ldap/admin/src/scripts/Setup.pm.in
+++ b/ldap/admin/src/scripts/Setup.pm.in
@@ -53,7 +53,7 @@ use Exporter ();
@EXPORT_OK = qw($SILENT $EXPRESS $TYPICAL $CUSTOM);
# hostname
-use Net::Domain qw(hostfqdn);
+use Sys::Hostname; # hostname()
# load perldap
use Mozilla::LDAP::Conn;
diff --git a/ldap/admin/src/scripts/SetupDialogs.pm.in b/ldap/admin/src/scripts/SetupDialogs.pm.in
index ee2838d..de41eda 100644
--- a/ldap/admin/src/scripts/SetupDialogs.pm.in
+++ b/ldap/admin/src/scripts/SetupDialogs.pm.in
@@ -43,7 +43,7 @@ use strict;
use DialogManager;
use Setup;
use Dialog;
-use Net::Domain qw(hostfqdn);
+use Sys::Hostname;
use DSUtil;
my $welcome = new DialogYesNo (
@@ -112,7 +112,7 @@ my $hostdlg = new Dialog (
sub {
my $self = shift;
return $self->{manager}->{inf}->{General}->{FullMachineName} ||
- hostfqdn;
+ hostname();
},
sub {
my $self = shift;
9 years, 7 months
admserv/newinst
by Mark Reynolds
admserv/newinst/src/AdminServer.pm.in | 56 ++++++++++++++++++++++++++++++++--
1 file changed, 53 insertions(+), 3 deletions(-)
New commits:
commit fa79ba174a410571af6206568877f91ccfe9aa8e
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Mon Sep 8 16:41:23 2014 -0400
Ticket 47891 - Admin Server reconfig breaks SSL config
Bug Description: The "reconfigAdminServer" function overwrites the
security files which breaks SSL.
Fix Description: When doing the "reconfig" operation make a backup
of the security files, and restore them at the
end of the operation.
https://fedorahosted.org/389/ticket/47891
Reviewed by: nhosoi(Thanks!)
diff --git a/admserv/newinst/src/AdminServer.pm.in b/admserv/newinst/src/AdminServer.pm.in
index 7c7b511..a189c66 100644
--- a/admserv/newinst/src/AdminServer.pm.in
+++ b/admserv/newinst/src/AdminServer.pm.in
@@ -29,6 +29,10 @@ require Exporter;
updateSelinuxPolicy);
use File::Path;
+use File::Copy;
+
+my $secfile_backup_dir = "/tmp/adm-sec-files." . $$;
+
# tempfiles
use File::Temp qw(tempfile tempdir);
@@ -357,6 +361,7 @@ sub registerASWithConfigDS {
my @saveconffiles = qw(admserv.conf httpd.conf nss.conf console.conf);
my @savesecfiles = qw(cert8.db key3.db secmod.db password.conf);
+my @reconfigsavefiles = qw (httpd.conf nss.conf cert8.db key3.db secmod.db password.conf);
# update other config files - these are the fields which users typically want to
# change during an install or an upgrade, that also must be synced to the Apache
@@ -420,14 +425,17 @@ sub updateHttpConfFiles {
debug(0, "Error backing up $admConf->{configdir}/console.conf failed: $!");
}
}
- # backup savefiles for "remove-ds-admin.pl -a"
+ # backup the savefiles for "remove-ds-admin.pl -a"
foreach my $savefile (@saveconffiles, @savesecfiles) {
if (! -f "$admConf->{configdir}/bakup/$savefile") {
- if (system ("cp -p $admConf->{configdir}/$savefile $admConf->{configdir}/bakup")) {
- debug(0, "Error backing up $admConf->{configdir}/$savefile failed: $!");
+ if (-e "$admConf->{configdir}/$savefile"){
+ if(system ("cp -p $admConf->{configdir}/$savefile $admConf->{configdir}/bakup")) {
+ debug(0, "Error backing up $admConf->{configdir}/$savefile failed: $!\n");
+ }
}
}
}
+
return 1;
}
@@ -499,6 +507,42 @@ sub startAdminServer {
return 1;
}
+sub reconfig_backup_secfiles
+{
+ #
+ # Backup the security files, because when we reconfigure the admin
+ # server it overwrites these files and breaks SSL.
+ #
+ my $configdir = shift;
+
+ if ( ! -d $secfile_backup_dir){
+ mkdir ($secfile_backup_dir, 0755);
+ }
+ foreach my $savefile (@reconfigsavefiles) {
+ if ( -e "$configdir/$savefile"){
+ copy ("$configdir/$savefile", "$secfile_backup_dir/$savefile");
+ debug(1, "Backing up $configdir/$savefile to $secfile_backup_dir/$savefile\n");
+ if (! -e "$secfile_backup_dir/$savefile"){
+ debug(0, "Backup file $secfile_backup_dir/$savefile not found, error $!\n");
+ }
+ }
+ }
+}
+
+sub reconfig_restore_secfiles
+{
+ #
+ # Restore security files
+ #
+ my $configdir = shift;
+
+ foreach my $savefile (@reconfigsavefiles) {
+ move ("$secfile_backup_dir/$savefile" ,"$configdir/$savefile");
+ debug(1, "Restoring $configdir/$savefile with $secfile_backup_dir/$savefile\n");
+ }
+ rmdir ($secfile_backup_dir);
+}
+
sub createAdminServer {
my $setup = shift;
my $reconfig = shift;
@@ -506,6 +550,7 @@ sub createAdminServer {
if ($reconfig) {
$setup->msg('begin_reconfig_adminserver');
+ reconfig_backup_secfiles($setup->{inf}->{admin}->{config_dir});
} else {
$setup->msg('begin_create_adminserver');
}
@@ -572,6 +617,11 @@ sub createAdminServer {
# Update SELinux policy if needed
updateSelinuxPolicy($setup, $configdir, $securitydir, $logdir, $rundir);
+ # Restore the security files before we start the server
+ if ($reconfig) {
+ reconfig_restore_secfiles($setup->{inf}->{admin}->{config_dir});
+ }
+
if (!startAdminServer($setup, $configdir, $logdir, $rundir)) {
return 0;
}
9 years, 7 months
man/man8
by Mark Reynolds
man/man8/remove-ds-admin.pl.8 | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
New commits:
commit 376cb989e9b156e9a11c85cdd2a01585ca2922dd
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Mon Sep 8 17:00:42 2014 -0400
Ticket 47300 - Update man page for remove-ds-admin.pl
Description: The man page does not mention the "-a" option
https://fedorahosted.org/389/ticket/47300
Reviewed by: nhosoi(Thanks!)
diff --git a/man/man8/remove-ds-admin.pl.8 b/man/man8/remove-ds-admin.pl.8
index 1830007..6dd8582 100644
--- a/man/man8/remove-ds-admin.pl.8
+++ b/man/man8/remove-ds-admin.pl.8
@@ -19,7 +19,7 @@
remove\-ds\-admin.pl \- Remove all Directory Servers and Admin Server
.SH SYNOPSIS
.B remove-ds-admin.pl
-[\-f] [\-d \-d ... \-d] [\-y]
+[\-f] [\-d \-d ... \-d] [\-y] [\-a]
.SH DESCRIPTION
Shuts down and removes all Directory Server instances and the Admin Server
from the system. The directory server instance configuration
@@ -45,7 +45,13 @@ Force removal - continue on error - otherwise, the command will abort at the fir
Enable debugging - adding more -d will make output more verbose
.TP
.B \fB\-y\fR
-Do the actual processing. Since the command is very destructive, you must provide the -y argument in order for the operation to proceed. \fBUse with extreme caution!\fR
+Do the actual processing. Since the command is very destructive, you must provide the -y argument
+in order for the operation to proceed. \fBUse with extreme caution!\fR Note, the security/certificate
+files are preserved for future setups.
+.TP
+.B \fB\-a\fR
+Remove all the security/certificate files (used with the \-y option). This ensures a complete clean up of the
+previous installation.
.br
.SH AUTHOR
remove-ds-admin.pl was written by the 389 Project.
9 years, 7 months