Branch '389-ds-base-1.3.3' - ldap/servers
by thierry bordaz
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit a4db5ec54b8207c4f366230a261b68af6b8c773a
Author: Thierry Bordaz <tbordaz(a)redhat.com>
Date: Tue Nov 3 15:59:54 2015 +0100
Ticket 47976: deadlock in mep delete post op
Bug Description:
When deleting the original entry, some DB pages are acquired in write.
The deadlock occurs because when reading the parent entry of the MEP entry
MEP plugin requires read access to one of the page acquired by the deletion of the original entry.
The read access can be granted if it is using the parent txn.
This bug requires that the parent entry of the MEP entry is not found in the entry cache, so
it requires database access
Fix Description:
Fix ldbm_delete, so that it reads id2entry db with parent txn
https://fedorahosted.org/389/ticket/47976
Reviewed by: Ludwig Krispenz, Rich Megginson (Thanks you !!)
Platforms tested: F17
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index 4f97c2b..b9fc81b 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -506,7 +506,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
* the parent. If we fail to lock the entry, just try again.
*/
while(1){
- parent = id2entry(be, pid ,NULL, &retval);
+ parent = id2entry(be, pid ,&txn, &retval);
if (parent && (cache_retry = cache_lock_entry(&inst->inst_cache, parent))) {
/* Failed to obtain parent entry's entry lock */
if(cache_retry == RETRY_CACHE_LOCK &&
8 years, 5 months
Branch '389-ds-base-1.2.11' - ldap/servers
by thierry bordaz
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit 24a38f20ae999cf731702ef1d785f5f0d5cd115f
Author: Thierry Bordaz <tbordaz(a)redhat.com>
Date: Thu Nov 5 11:44:05 2015 +0100
Ticket 47976: deadlock in mep delete post op
Bug Description:
When deleting the original entry, some DB pages are acquired in write.
The deadlock occurs because when reading the parent entry of the MEP entry
MEP plugin requires read access to one of the page acquired by the deletion of the original entry.
The read access can be granted if it is using the parent txn.
This bug requires that the parent entry of the MEP entry is not found in the entry cache, so
it requires database access
Fix Description:
Fix ldbm_delete, so that it reads id2entry db with parent txn
https://fedorahosted.org/389/ticket/47976
Reviewed by: Ludwig Krispenz, Rich Megginson (Thanks you !!)
Platforms tested: F17
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index b05f251..5a6fbb5 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -370,7 +370,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
* the parent. If we fail to lock the entry, just try again.
*/
while(1){
- parent = id2entry(be, pid ,NULL, &retval);
+ parent = id2entry(be, pid ,&txn, &retval);
if (parent && (cache_retry = cache_lock_entry(&inst->inst_cache, parent))) {
/* Failed to obtain parent entry's entry lock */
if(cache_retry == RETRY_CACHE_LOCK &&
8 years, 5 months
ldap/servers
by thierry bordaz
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit 83c98d9d325ec38396e1fb5fa12a9694b05dd77f
Author: Thierry Bordaz <tbordaz(a)redhat.com>
Date: Tue Nov 3 15:59:54 2015 +0100
Ticket 47976: deadlock in mep delete post op
Bug Description:
When deleting the original entry, some DB pages are acquired in write.
The deadlock occurs because when reading the parent entry of the MEP entry
MEP plugin requires read access to one of the page acquired by the deletion of the original entry.
The read access can be granted if it is using the parent txn.
This bug requires that the parent entry of the MEP entry is not found in the entry cache, so
it requires database access
Fix Description:
Fix ldbm_delete, so that it reads id2entry db with parent txn
https://fedorahosted.org/389/ticket/47976
Reviewed by: Ludwig Krispenz, Rich Megginson (Thanks you !!)
Platforms tested: F17
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index f31d545..100a71d 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -477,7 +477,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
* the parent. If we fail to lock the entry, just try again.
*/
while(1){
- parent = id2entry(be, pid ,NULL, &retval);
+ parent = id2entry(be, pid ,&txn, &retval);
if (parent && (cache_retry = cache_lock_entry(&inst->inst_cache, parent))) {
/* Failed to obtain parent entry's entry lock */
if(cache_retry == RETRY_CACHE_LOCK &&
8 years, 5 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/slapi-plugin.h | 2 +-
ldap/servers/slapd/slapi2nspr.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
New commits:
commit 0d1ce9de608d582ea2ca0f5e48fe2f2213f0b683
Author: Martin Basti <mbasti(a)redhat.com>
Date: Tue Nov 3 17:32:53 2015 +0100
Add 'void' to function definition to avoid compiler warnings
During compiling of FreeIPA we are receiving compiler error:
slapi-plugin.h:6149, GNU C Compiler 4 (gcc), Priority: Normal
function declaration isn't a prototype [-Wstrict-prototypes]
This patch should fix the compiler warning.
Reviewed by nhosoi(a)redhat.com.
diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h
index 72f3920..d2b076b 100644
--- a/ldap/servers/slapd/slapi-plugin.h
+++ b/ldap/servers/slapd/slapi-plugin.h
@@ -6146,7 +6146,7 @@ int slapi_rwlock_unlock( Slapi_RWLock *rwlock );
*
* \return the size of Slapi_RWLock
*/
-int slapi_rwlock_get_size();
+int slapi_rwlock_get_size( void );
/*
* thread-safe LDAP connections
diff --git a/ldap/servers/slapd/slapi2nspr.c b/ldap/servers/slapd/slapi2nspr.c
index 4bd88fe..1bfb306 100644
--- a/ldap/servers/slapd/slapi2nspr.c
+++ b/ldap/servers/slapd/slapi2nspr.c
@@ -261,7 +261,7 @@ slapi_rwlock_unlock( Slapi_RWLock *rwlock )
}
int
-slapi_rwlock_get_size()
+slapi_rwlock_get_size( void )
{
#ifdef USE_POSIX_RWLOCKS
return sizeof(pthread_rwlock_t);
8 years, 5 months
Changes to '94ca981598d2ed6addd438988f71a489fe456769'
by William Brown
New branch '94ca981598d2ed6addd438988f71a489fe456769' available with the following commits:
commit 94ca981598d2ed6addd438988f71a489fe456769
Author: William Brown <firstyear(a)redhat.com>
Date: Tue Nov 3 09:19:54 2015 +1000
Ticket #48317: SELinux port labeling retry attempts are excessive
https://fedorahosted.org/389/ticket/48317
Bug Description: In dscreate.pm we attempt to label the ldap_port_t type 60
times in the case of a failure. This is excessive, and it means the setup-ds.pl
appears to hang in certain cases.
Fix Description:
Reduce this number to 5 attempts, and when debug is enabled, display the amount
of attempts remaining.
Author: wibrown(a)redhat.com
Review by: nhosoi(a)redhat.com (Thank you Noriko!)
8 years, 5 months
ldap/admin
by Noriko Hosoi
ldap/admin/src/scripts/DSUtil.pm.in | 6 ++++++
1 file changed, 6 insertions(+)
New commits:
commit aff9705dc42bb6109c55336a50219473ab948bbe
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Fri Oct 30 10:43:26 2015 -0700
Ticket #48328 - RFE: Allow RHDS to be setup using a DNS CNAME alias for General.FullMachineName
Description: When the Directory Server is installed, its FQDN may need to
be an alias (CNAME) to let it run behind the proxy such as a load balancer.
The current setup script does not allow it. This patch addes to check the
given FQDN with CNAME in addition to doing the reverse lookup.
https://fedorahosted.org/389/ticket/48328
Reviewed by wibrown(a)redhat.com (Thank you, William!!)
diff --git a/ldap/admin/src/scripts/DSUtil.pm.in b/ldap/admin/src/scripts/DSUtil.pm.in
index 93bd54a..9830703 100644
--- a/ldap/admin/src/scripts/DSUtil.pm.in
+++ b/ldap/admin/src/scripts/DSUtil.pm.in
@@ -241,6 +241,12 @@ sub checkHostname {
}
}
}
+ if (!$found) {
+ system("@bindir@/host -t CNAME $hn 2>&1 1> /dev/null");
+ if ($? == 0){
+ $found = 1;
+ }
+ }
} elsif (eval {require Socket6; 1}) {
debug(1, "Socket6\n");
my @aires = getaddrinfo($hn, "ldap", AF_UNSPEC, SOCK_STREAM);
8 years, 5 months
dirsrvtests/tickets
by Noriko Hosoi
dirsrvtests/tickets/ticket48326_test.py | 230 ++++++++++++++++++++++++++++++++
1 file changed, 230 insertions(+)
New commits:
commit 8982b3008dcf456a1a116a8aede6f9d35b220bda
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Nov 2 13:53:34 2015 -0800
Ticket #48326 - CI test: added test cases for ticket 48326
Description: [RFE] it could be nice to have nsslapd-maxbersize default to bigger than 2Mb
diff --git a/dirsrvtests/tickets/ticket48326_test.py b/dirsrvtests/tickets/ticket48326_test.py
new file mode 100644
index 0000000..1434f2d
--- /dev/null
+++ b/dirsrvtests/tickets/ticket48326_test.py
@@ -0,0 +1,230 @@
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2015 Red Hat, Inc.
+# All rights reserved.
+#
+# License: GPL (version 3 or any later version).
+# See LICENSE for details.
+# --- END COPYRIGHT BLOCK ---
+#
+import os
+import sys
+import time
+import shlex
+import subprocess
+import ldap
+import logging
+import pytest
+from lib389 import DirSrv, Entry, tools, tasks
+from lib389.tools import DirSrvTools
+from lib389._constants import *
+from lib389.properties import *
+from lib389.tasks import *
+from lib389.utils import *
+
+logging.getLogger(__name__).setLevel(logging.DEBUG)
+log = logging.getLogger(__name__)
+
+installation1_prefix = None
+
+MYDN = 'uid=tuser1M,dc=example,dc=com'
+MYLDIF = 'ticket48326.ldif'
+
+class TopologyReplication(object):
+ def __init__(self, master1, master2):
+ master1.open()
+ self.master1 = master1
+ master2.open()
+ self.master2 = master2
+
+
+(a)pytest.fixture(scope="module")
+def topology(request):
+ global installation1_prefix
+ if installation1_prefix:
+ args_instance[SER_DEPLOYED_DIR] = installation1_prefix
+
+ # Creating master 1...
+ master1 = DirSrv(verbose=False)
+ if installation1_prefix:
+ args_instance[SER_DEPLOYED_DIR] = installation1_prefix
+ args_instance[SER_HOST] = HOST_MASTER_1
+ args_instance[SER_PORT] = PORT_MASTER_1
+ args_instance[SER_SERVERID_PROP] = SERVERID_MASTER_1
+ args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
+ args_master = args_instance.copy()
+ master1.allocate(args_master)
+ instance_master1 = master1.exists()
+ if instance_master1:
+ master1.delete()
+ master1.create()
+ master1.open()
+ master1.replica.enableReplication(suffix=SUFFIX, role=REPLICAROLE_MASTER, replicaId=REPLICAID_MASTER_1)
+
+ # Creating master 2...
+ master2 = DirSrv(verbose=False)
+ if installation1_prefix:
+ args_instance[SER_DEPLOYED_DIR] = installation1_prefix
+ args_instance[SER_HOST] = HOST_MASTER_2
+ args_instance[SER_PORT] = PORT_MASTER_2
+ args_instance[SER_SERVERID_PROP] = SERVERID_MASTER_2
+ args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
+ args_master = args_instance.copy()
+ master2.allocate(args_master)
+ instance_master2 = master2.exists()
+ if instance_master2:
+ master2.delete()
+ master2.create()
+ master2.open()
+ master2.replica.enableReplication(suffix=SUFFIX, role=REPLICAROLE_MASTER, replicaId=REPLICAID_MASTER_2)
+
+ #
+ # Create all the agreements
+ #
+ # Creating agreement from master 1 to master 2
+ properties = {RA_NAME: r'meTo_$host:$port',
+ RA_BINDDN: defaultProperties[REPLICATION_BIND_DN],
+ RA_BINDPW: defaultProperties[REPLICATION_BIND_PW],
+ RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD],
+ RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}
+ m1_m2_agmt = master1.agreement.create(suffix=SUFFIX, host=master2.host, port=master2.port, properties=properties)
+ if not m1_m2_agmt:
+ log.fatal("Fail to create a master -> master replica agreement")
+ sys.exit(1)
+ log.debug("%s created" % m1_m2_agmt)
+
+ # Creating agreement from master 2 to master 1
+ properties = {RA_NAME: r'meTo_$host:$port',
+ RA_BINDDN: defaultProperties[REPLICATION_BIND_DN],
+ RA_BINDPW: defaultProperties[REPLICATION_BIND_PW],
+ RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD],
+ RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}
+ m2_m1_agmt = master2.agreement.create(suffix=SUFFIX, host=master1.host, port=master1.port, properties=properties)
+ if not m2_m1_agmt:
+ log.fatal("Fail to create a master -> master replica agreement")
+ sys.exit(1)
+ log.debug("%s created" % m2_m1_agmt)
+
+ # Allow the replicas to get situated with the new agreements...
+ time.sleep(5)
+
+ #
+ # Initialize all the agreements
+ #
+ master1.agreement.init(SUFFIX, HOST_MASTER_2, PORT_MASTER_2)
+ master1.waitForReplInit(m1_m2_agmt)
+
+ # Check replication is working...
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
+ assert False
+
+ # Delete each instance in the end
+ def fin():
+ master1.delete()
+ master2.delete()
+ request.addfinalizer(fin)
+
+ # Clear out the tmp dir
+ master1.clearTmpDir(__file__)
+
+ return TopologyReplication(master1, master2)
+
+
+(a)pytest.fixture(scope="module")
+
+
+def add_entry(topology, server, serverPort, expectToFail):
+ """
+ Adding 1Mentry to the given server
+ Check the add result based upon the expectToFail info.
+ """
+ if expectToFail:
+ log.info("Adding 1M entry to %s expecting to fail." % server)
+ else:
+ log.info("Adding 1M entry to %s expecting to succeed." % server)
+
+ data_dir_path = topology.master1.getDir(__file__, DATA_DIR)
+ ldif_file = data_dir_path + MYLDIF
+
+ #strcmdline = '/usr/bin/ldapmodify -x -h localhost -p' + str(serverPort) + '-D' + DN_DM + '-w' + PW_DM + '-af' + ldif_file
+ #cmdline = shlex.split(strcmdline)
+ cmdline = ['/usr/bin/ldapmodify', '-x', '-h', 'localhost', '-p', str(serverPort),
+ '-D', DN_DM, '-w', PW_DM, '-af', ldif_file]
+ log.info("Running cmdline (%s): %s" % (server, cmdline))
+
+ try:
+ proc = subprocess.Popen(cmdline, stderr=subprocess.PIPE)
+ except Exception as e:
+ log.info("%s caught in exception: %s" % (cmdline, e))
+ assert False
+
+ Found = False
+ Expected = "ldap_result: Can't contact LDAP server"
+ while True:
+ l = proc.stderr.readline()
+ if l == "":
+ break
+ if Expected in l:
+ Found = True
+ break
+
+ if expectToFail:
+ if Found:
+ log.info("Adding 1M entry to %s failed as expected: %s" % (server, l))
+ else:
+ log.fatal("Expected error message %s was not returned: %s" % Expected)
+ assert False
+ else:
+ if Found:
+ log.fatal("%s failed although expecting to succeed: %s" % (cmdline, l))
+ assert False
+ else:
+ log.info("Adding 1M entry to %s succeeded as expected" % server)
+
+
+def test_ticket48326(topology):
+ """
+ maxbersize is ignored in the replicated operations.
+ [settings]
+ master1 has default size maxbersize (2MB).
+ master2 has much saller size maxbersize (20KB).
+ [test case]
+ Adding an entry which size is larger than 20KB to master2 fails.
+ But adding an entry which size is larger than 20KB and less than 2MB to master1 succeeds
+ and the entry is successfully replicated to master2.
+ """
+ log.info("Ticket 48326 - it could be nice to have nsslapd-maxbersize default to bigger than 2Mb")
+ log.info("Set nsslapd-maxbersize: 20K to master2")
+ try:
+ topology.master2.modify_s("cn=config", [(ldap.MOD_REPLACE, 'nsslapd-maxbersize', '20480')])
+ except ldap.LDAPError as e:
+ log.error('Failed to set nsslapd-maxbersize == 20480: error ' + e.message['desc'])
+ assert False
+
+ add_entry(topology, "master2", PORT_MASTER_2, True)
+
+ add_entry(topology, "master1", PORT_MASTER_1, False)
+
+ time.sleep(1)
+
+ log.info('Searching for %s on master2...', MYDN)
+ try:
+ entries = topology.master2.search_s(MYDN, ldap.SCOPE_BASE, '(objectclass=*)')
+ if not entries:
+ log.fatal('Entry %s failed to repliate to master2.' % MYDN)
+ assert False
+ else:
+ log.info('SUCCESS: Entry %s is successfully replicated to master2.' % MYDN)
+ except ldap.LDAPError as e:
+ log.fatal('Search failed: ' + e.message['desc'])
+ assert False
+
+
+if __name__ == '__main__':
+ # Run isolated
+ # -s for DEBUG mode
+
+ CURRENT_FILE = os.path.realpath(__file__)
+ pytest.main("-s %s" % CURRENT_FILE)
8 years, 5 months