[389-ds-base] branch 389-ds-base-1.4.3 updated: Bump version to 1.4.3.10
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new 23b4d72 Bump version to 1.4.3.10
23b4d72 is described below
commit 23b4d726f5c9e12e6138fbb004da01b7d083e29d
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Mon Jun 15 13:42:23 2020 -0400
Bump version to 1.4.3.10
---
VERSION.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/VERSION.sh b/VERSION.sh
index bf17b8e..d868350 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -10,7 +10,7 @@ vendor="389 Project"
# PACKAGE_VERSION is constructed from these
VERSION_MAJOR=1
VERSION_MINOR=4
-VERSION_MAINT=3.9
+VERSION_MAINT=3.10
# NOTE: VERSION_PREREL is automatically set for builds made out of a git tree
VERSION_PREREL=
VERSION_DATE=$(date -u +%Y%m%d)
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
3 years, 10 months
[389-ds-base] branch 389-ds-base-1.4.3 updated: Ticket 49859 - A distinguished value can be missing in an entry
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
tbordaz pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new 113a104 Ticket 49859 - A distinguished value can be missing in an entry
113a104 is described below
commit 113a104e4b36798b55bb4cf50cd8915d099f0d99
Author: Thierry Bordaz <tbordaz(a)redhat.com>
AuthorDate: Fri Jun 5 12:14:51 2020 +0200
Ticket 49859 - A distinguished value can be missing in an entry
Bug description:
According to RFC 4511 (see ticket), the values of the RDN attributes
should be present in an entry.
With a set of replicated operations, it is possible that those values
would be missing
Fix description:
MOD and MODRDN update checks that the RDN values are presents.
If they are missing they are added to the resulting entry. In addition
the set of modifications to add those values are also indexed.
The specific case of single-valued attributes, where the final and unique value
can not be the RDN value, the attribute nsds5ReplConflict is added.
https://pagure.io/389-ds-base/issue/49859
Reviewed by: Mark Reynolds, William Brown
Platforms tested: F31
---
.../suites/replication/conflict_resolve_test.py | 174 ++++++++++++++++++++-
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 136 ++++++++++++++++
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 37 ++++-
ldap/servers/slapd/back-ldbm/proto-back-ldbm.h | 1 +
4 files changed, 343 insertions(+), 5 deletions(-)
diff --git a/dirsrvtests/tests/suites/replication/conflict_resolve_test.py b/dirsrvtests/tests/suites/replication/conflict_resolve_test.py
index 99a0729..48d0067 100644
--- a/dirsrvtests/tests/suites/replication/conflict_resolve_test.py
+++ b/dirsrvtests/tests/suites/replication/conflict_resolve_test.py
@@ -10,10 +10,11 @@ import time
import logging
import ldap
import pytest
+import re
from itertools import permutations
from lib389._constants import *
from lib389.idm.nscontainer import nsContainers
-from lib389.idm.user import UserAccounts
+from lib389.idm.user import UserAccounts, UserAccount
from lib389.idm.group import Groups
from lib389.idm.organizationalunit import OrganizationalUnits
from lib389.replica import ReplicationManager
@@ -763,6 +764,177 @@ class TestTwoMasters:
user_dns_m2 = [user.dn for user in test_users_m2.list()]
assert set(user_dns_m1) == set(user_dns_m2)
+ def test_conflict_attribute_multi_valued(self, topology_m2, base_m2):
+ """A RDN attribute being multi-valued, checks that after several operations
+ MODRDN and MOD_REPL its RDN values are the same on both servers
+
+ :id: 225b3522-8ed7-4256-96f9-5fab9b7044a5
+ :setup: Two master replication,
+ audit log, error log for replica and access log for internal
+ :steps:
+ 1. Create a test entry uid=user_test_1000,...
+ 2. Pause all replication agreements
+ 3. On M1 rename it into uid=foo1,...
+ 4. On M2 rename it into uid=foo2,...
+ 5. On M1 MOD_REPL uid:foo1
+ 6. Resume all replication agreements
+ 7. Check that entry on M1 has uid=foo1, foo2
+ 8. Check that entry on M2 has uid=foo1, foo2
+ 9. Check that entry on M1 and M2 has the same uid values
+ :expectedresults:
+ 1. It should pass
+ 2. It should pass
+ 3. It should pass
+ 4. It should pass
+ 5. It should pass
+ 6. It should pass
+ 7. It should pass
+ 8. It should pass
+ 9. It should pass
+ """
+
+ M1 = topology_m2.ms["master1"]
+ M2 = topology_m2.ms["master2"]
+
+ # add a test user
+ test_users_m1 = UserAccounts(M1, base_m2.dn, rdn=None)
+ user_1 = test_users_m1.create_test_user(uid=1000)
+ test_users_m2 = UserAccount(M2, user_1.dn)
+ # Waiting fo the user to be replicated
+ for i in range(0,4):
+ time.sleep(1)
+ if test_users_m2.exists():
+ break
+ assert(test_users_m2.exists())
+
+ # Stop replication agreements
+ topology_m2.pause_all_replicas()
+
+ # On M1 rename test entry in uid=foo1
+ original_dn = user_1.dn
+ user_1.rename('uid=foo1')
+ time.sleep(1)
+
+ # On M2 rename test entry in uid=foo2
+ M2.rename_s(original_dn, 'uid=foo2')
+ time.sleep(2)
+
+ # on M1 MOD_REPL uid into foo1
+ user_1.replace('uid', 'foo1')
+
+ # resume replication agreements
+ topology_m2.resume_all_replicas()
+ time.sleep(5)
+
+ # check that on M1, the entry 'uid' has two values 'foo1' and 'foo2'
+ final_dn = re.sub('^.*1000,', 'uid=foo2,', original_dn)
+ final_user_m1 = UserAccount(M1, final_dn)
+ for val in final_user_m1.get_attr_vals_utf8('uid'):
+ log.info("Check %s is on M1" % val)
+ assert(val in ['foo1', 'foo2'])
+
+ # check that on M2, the entry 'uid' has two values 'foo1' and 'foo2'
+ final_user_m2 = UserAccount(M2, final_dn)
+ for val in final_user_m2.get_attr_vals_utf8('uid'):
+ log.info("Check %s is on M1" % val)
+ assert(val in ['foo1', 'foo2'])
+
+ # check that the entry have the same uid values
+ for val in final_user_m1.get_attr_vals_utf8('uid'):
+ log.info("Check M1.uid %s is also on M2" % val)
+ assert(val in final_user_m2.get_attr_vals_utf8('uid'))
+
+ for val in final_user_m2.get_attr_vals_utf8('uid'):
+ log.info("Check M2.uid %s is also on M1" % val)
+ assert(val in final_user_m1.get_attr_vals_utf8('uid'))
+
+ def test_conflict_attribute_single_valued(self, topology_m2, base_m2):
+ """A RDN attribute being signle-valued, checks that after several operations
+ MODRDN and MOD_REPL its RDN values are the same on both servers
+
+ :id: c38ae613-5d1e-47cf-b051-c7284e64b817
+ :setup: Two master replication, test container for entries, enable plugin logging,
+ audit log, error log for replica and access log for internal
+ :steps:
+ 1. Create a test entry uid=user_test_1000,...
+ 2. Pause all replication agreements
+ 3. On M1 rename it into employeenumber=foo1,...
+ 4. On M2 rename it into employeenumber=foo2,...
+ 5. On M1 MOD_REPL employeenumber:foo1
+ 6. Resume all replication agreements
+ 7. Check that entry on M1 has employeenumber=foo1
+ 8. Check that entry on M2 has employeenumber=foo1
+ 9. Check that entry on M1 and M2 has the same employeenumber values
+ :expectedresults:
+ 1. It should pass
+ 2. It should pass
+ 3. It should pass
+ 4. It should pass
+ 5. It should pass
+ 6. It should pass
+ 7. It should pass
+ 8. It should pass
+ 9. It should pass
+ """
+
+ M1 = topology_m2.ms["master1"]
+ M2 = topology_m2.ms["master2"]
+
+ # add a test user with a dummy 'uid' extra value because modrdn removes
+ # uid that conflict with 'account' objectclass
+ test_users_m1 = UserAccounts(M1, base_m2.dn, rdn=None)
+ user_1 = test_users_m1.create_test_user(uid=1000)
+ user_1.add('objectclass', 'extensibleobject')
+ user_1.add('uid', 'dummy')
+ test_users_m2 = UserAccount(M2, user_1.dn)
+
+ # Waiting fo the user to be replicated
+ for i in range(0,4):
+ time.sleep(1)
+ if test_users_m2.exists():
+ break
+ assert(test_users_m2.exists())
+
+ # Stop replication agreements
+ topology_m2.pause_all_replicas()
+
+ # On M1 rename test entry in employeenumber=foo1
+ original_dn = user_1.dn
+ user_1.rename('employeenumber=foo1')
+ time.sleep(1)
+
+ # On M2 rename test entry in employeenumber=foo2
+ M2.rename_s(original_dn, 'employeenumber=foo2')
+ time.sleep(2)
+
+ # on M1 MOD_REPL uid into foo1
+ user_1.replace('employeenumber', 'foo1')
+
+ # resume replication agreements
+ topology_m2.resume_all_replicas()
+ time.sleep(5)
+
+ # check that on M1, the entry 'employeenumber' has value 'foo1'
+ final_dn = re.sub('^.*1000,', 'employeenumber=foo2,', original_dn)
+ final_user_m1 = UserAccount(M1, final_dn)
+ for val in final_user_m1.get_attr_vals_utf8('employeenumber'):
+ log.info("Check %s is on M1" % val)
+ assert(val in ['foo1'])
+
+ # check that on M2, the entry 'employeenumber' has values 'foo1'
+ final_user_m2 = UserAccount(M2, final_dn)
+ for val in final_user_m2.get_attr_vals_utf8('employeenumber'):
+ log.info("Check %s is on M2" % val)
+ assert(val in ['foo1'])
+
+ # check that the entry have the same uid values
+ for val in final_user_m1.get_attr_vals_utf8('employeenumber'):
+ log.info("Check M1.uid %s is also on M2" % val)
+ assert(val in final_user_m2.get_attr_vals_utf8('employeenumber'))
+
+ for val in final_user_m2.get_attr_vals_utf8('employeenumber'):
+ log.info("Check M2.uid %s is also on M1" % val)
+ assert(val in final_user_m1.get_attr_vals_utf8('employeenumber'))
class TestThreeMasters:
def test_nested_entries(self, topology_m3, base_m3):
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index e9d7e87..a507f3c 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -213,6 +213,112 @@ error:
return retval;
}
+int32_t
+entry_get_rdn_mods(Slapi_PBlock *pb, Slapi_Entry *entry, CSN *csn, int repl_op, Slapi_Mods **smods_ret)
+{
+ unsigned long op_type = SLAPI_OPERATION_NONE;
+ char *new_rdn = NULL;
+ char **dns = NULL;
+ char **rdns = NULL;
+ Slapi_Mods *smods = NULL;
+ char *type = NULL;
+ struct berval *bvp[2] = {0};
+ struct berval bv;
+ Slapi_Attr *attr = NULL;
+ const char *entry_dn = NULL;
+
+ *smods_ret = NULL;
+ entry_dn = slapi_entry_get_dn_const(entry);
+ /* Do not bother to check that RDN is present, no one rename RUV or change its nsuniqueid */
+ if (strcasestr(entry_dn, RUV_STORAGE_ENTRY_UNIQUEID)) {
+ return 0;
+ }
+
+ /* First get the RDNs of the operation */
+ slapi_pblock_get(pb, SLAPI_OPERATION_TYPE, &op_type);
+ switch (op_type) {
+ case SLAPI_OPERATION_MODIFY:
+ dns = slapi_ldap_explode_dn(entry_dn, 0);
+ if (dns == NULL) {
+ slapi_log_err(SLAPI_LOG_ERR, "entry_get_rdn_mods",
+ "Fails to split DN \"%s\" into components\n", entry_dn);
+ return -1;
+ }
+ rdns = slapi_ldap_explode_rdn(dns[0], 0);
+ slapi_ldap_value_free(dns);
+
+ break;
+ case SLAPI_OPERATION_MODRDN:
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &new_rdn);
+ rdns = slapi_ldap_explode_rdn(new_rdn, 0);
+ break;
+ default:
+ break;
+ }
+ if (rdns == NULL || rdns[0] == NULL) {
+ slapi_log_err(SLAPI_LOG_ERR, "entry_get_rdn_mods",
+ "Fails to split RDN \"%s\" into components\n", slapi_entry_get_dn_const(entry));
+ return -1;
+ }
+
+ /* Update the entry to add RDNs values if they are missing */
+ smods = slapi_mods_new();
+
+ bvp[0] = &bv;
+ bvp[1] = NULL;
+ for (size_t rdns_count = 0; rdns[rdns_count]; rdns_count++) {
+ Slapi_Value *value;
+ attr = NULL;
+ slapi_rdn2typeval(rdns[rdns_count], &type, &bv);
+
+ /* Check if the RDN value exists */
+ if ((slapi_entry_attr_find(entry, type, &attr) != 0) ||
+ (slapi_attr_value_find(attr, &bv))) {
+ const CSN *csn_rdn_add;
+ const CSN *adcsn = attr_get_deletion_csn(attr);
+
+ /* It is missing => adds it */
+ if (slapi_attr_flag_is_set(attr, SLAPI_ATTR_FLAG_SINGLE)) {
+ if (csn_compare(adcsn, csn) >= 0) {
+ /* this is a single valued attribute and the current value
+ * (that is different from RDN value) is more recent than
+ * the RDN value we want to apply.
+ * Keep the current value and add a conflict flag
+ */
+
+ type = ATTR_NSDS5_REPLCONFLICT;
+ bv.bv_val = "RDN value may be missing because it is single-valued";
+ bv.bv_len = strlen(bv.bv_val);
+ slapi_entry_add_string(entry, type, bv.bv_val);
+ slapi_mods_add_modbvps(smods, LDAP_MOD_ADD, type, bvp);
+ continue;
+ }
+ }
+ /* if a RDN value needs to be forced, make sure it csn is ahead */
+ slapi_mods_add_modbvps(smods, LDAP_MOD_ADD, type, bvp);
+ csn_rdn_add = csn_max(adcsn, csn);
+
+ if (entry_apply_mods_wsi(entry, smods, csn_rdn_add, repl_op)) {
+ slapi_log_err(SLAPI_LOG_ERR, "entry_get_rdn_mods",
+ "Fails to set \"%s\" in \"%s\"\n", type, slapi_entry_get_dn_const(entry));
+ slapi_ldap_value_free(rdns);
+ slapi_mods_free(&smods);
+ return -1;
+ }
+ /* Make the RDN value a distinguished value */
+ attr_value_find_wsi(attr, &bv, &value);
+ value_update_csn(value, CSN_TYPE_VALUE_DISTINGUISHED, csn_rdn_add);
+ }
+ }
+ slapi_ldap_value_free(rdns);
+ if (smods->num_mods == 0) {
+ /* smods_ret already NULL, just free the useless smods */
+ slapi_mods_free(&smods);
+ } else {
+ *smods_ret = smods;
+ }
+ return 0;
+}
/**
Apply the mods to the ec entry. Check for syntax, schema problems.
Check for abandon.
@@ -269,6 +375,8 @@ modify_apply_check_expand(
goto done;
}
+
+
/*
* If the objectClass attribute type was modified in any way, expand
* the objectClass values to reflect the inheritance hierarchy.
@@ -414,6 +522,7 @@ ldbm_back_modify(Slapi_PBlock *pb)
int result_sent = 0;
int32_t parent_op = 0;
struct timespec parent_time;
+ Slapi_Mods *smods_add_rdn = NULL;
slapi_pblock_get(pb, SLAPI_BACKEND, &be);
slapi_pblock_get(pb, SLAPI_PLUGIN_PRIVATE, &li);
@@ -731,6 +840,15 @@ ldbm_back_modify(Slapi_PBlock *pb)
}
} /* else if new_mod_count == mod_count then betxnpremod plugin did nothing */
+ /* time to check if applying a replicated operation removed
+ * the RDN value from the entry. Assuming that only replicated update
+ * can lead to that bad result
+ */
+ if (entry_get_rdn_mods(pb, ec->ep_entry, opcsn, repl_op, &smods_add_rdn)) {
+ goto error_return;
+ }
+
+
/*
* Update the ID to Entry index.
* Note that id2entry_add replaces the entry, so the Entry ID
@@ -764,6 +882,23 @@ ldbm_back_modify(Slapi_PBlock *pb)
MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
+
+ if (smods_add_rdn && slapi_mods_get_num_mods(smods_add_rdn) > 0) {
+ retval = index_add_mods(be, (LDAPMod **) slapi_mods_get_ldapmods_byref(smods_add_rdn), e, ec, &txn);
+ if (DB_LOCK_DEADLOCK == retval) {
+ /* Abort and re-try */
+ slapi_mods_free(&smods_add_rdn);
+ continue;
+ }
+ if (retval != 0) {
+ slapi_log_err(SLAPI_LOG_ERR, "ldbm_back_modify",
+ "index_add_mods (rdn) failed, err=%d %s\n",
+ retval, (msg = dblayer_strerror(retval)) ? msg : "");
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
+ slapi_mods_free(&smods_add_rdn);
+ goto error_return;
+ }
+ }
/*
* Remove the old entry from the Virtual List View indexes.
* Add the new entry to the Virtual List View indexes.
@@ -978,6 +1113,7 @@ error_return:
common_return:
slapi_mods_done(&smods);
+ slapi_mods_free(&smods_add_rdn);
if (inst) {
if (ec_locked || cache_is_in_cache(&inst->inst_cache, ec)) {
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index fde83c9..e97b7a5 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -21,7 +21,7 @@ static void moddn_unlock_and_return_entry(backend *be, struct backentry **target
static int moddn_newrdn_mods(Slapi_PBlock *pb, const char *olddn, struct backentry *ec, Slapi_Mods *smods_wsi, int is_repl_op);
static IDList *moddn_get_children(back_txn *ptxn, Slapi_PBlock *pb, backend *be, struct backentry *parententry, Slapi_DN *parentdn, struct backentry ***child_entries, struct backdn ***child_dns, int is_resurect_operation);
static int moddn_rename_children(back_txn *ptxn, Slapi_PBlock *pb, backend *be, IDList *children, Slapi_DN *dn_parentdn, Slapi_DN *dn_newsuperiordn, struct backentry *child_entries[]);
-static int modrdn_rename_entry_update_indexes(back_txn *ptxn, Slapi_PBlock *pb, struct ldbminfo *li, struct backentry *e, struct backentry **ec, Slapi_Mods *smods1, Slapi_Mods *smods2, Slapi_Mods *smods3);
+static int modrdn_rename_entry_update_indexes(back_txn *ptxn, Slapi_PBlock *pb, struct ldbminfo *li, struct backentry *e, struct backentry **ec, Slapi_Mods *smods1, Slapi_Mods *smods2, Slapi_Mods *smods3, Slapi_Mods *smods4);
static void mods_remove_nsuniqueid(Slapi_Mods *smods);
#define MOD_SET_ERROR(rc, error, count) \
@@ -100,6 +100,7 @@ ldbm_back_modrdn(Slapi_PBlock *pb)
Connection *pb_conn = NULL;
int32_t parent_op = 0;
struct timespec parent_time;
+ Slapi_Mods *smods_add_rdn = NULL;
if (slapi_pblock_get(pb, SLAPI_CONN_ID, &conn_id) < 0) {
conn_id = 0; /* connection is NULL */
@@ -842,6 +843,15 @@ ldbm_back_modrdn(Slapi_PBlock *pb)
goto error_return;
}
}
+
+ /* time to check if applying a replicated operation removed
+ * the RDN value from the entry. Assuming that only replicated update
+ * can lead to that bad result
+ */
+ if (entry_get_rdn_mods(pb, ec->ep_entry, opcsn, is_replicated_operation, &smods_add_rdn)) {
+ goto error_return;
+ }
+
/* check that the entry still obeys the schema */
if (slapi_entry_schema_check(pb, ec->ep_entry) != 0) {
ldap_result_code = LDAP_OBJECT_CLASS_VIOLATION;
@@ -1003,7 +1013,7 @@ ldbm_back_modrdn(Slapi_PBlock *pb)
/*
* Update the indexes for the entry.
*/
- retval = modrdn_rename_entry_update_indexes(&txn, pb, li, e, &ec, &smods_generated, &smods_generated_wsi, &smods_operation_wsi);
+ retval = modrdn_rename_entry_update_indexes(&txn, pb, li, e, &ec, &smods_generated, &smods_generated_wsi, &smods_operation_wsi, smods_add_rdn);
if (DB_LOCK_DEADLOCK == retval) {
/* Retry txn */
continue;
@@ -1497,6 +1507,7 @@ common_return:
slapi_mods_done(&smods_operation_wsi);
slapi_mods_done(&smods_generated);
slapi_mods_done(&smods_generated_wsi);
+ slapi_mods_free(&smods_add_rdn);
slapi_ch_free((void **)&child_entries);
slapi_ch_free((void **)&child_dns);
if (ldap_result_matcheddn && 0 != strcmp(ldap_result_matcheddn, "NULL"))
@@ -1778,7 +1789,7 @@ mods_remove_nsuniqueid(Slapi_Mods *smods)
* mods contains the list of attribute change made.
*/
static int
-modrdn_rename_entry_update_indexes(back_txn *ptxn, Slapi_PBlock *pb, struct ldbminfo *li __attribute__((unused)), struct backentry *e, struct backentry **ec, Slapi_Mods *smods1, Slapi_Mods *smods2, Slapi_Mods *smods3)
+modrdn_rename_entry_update_indexes(back_txn *ptxn, Slapi_PBlock *pb, struct ldbminfo *li __attribute__((unused)), struct backentry *e, struct backentry **ec, Slapi_Mods *smods1, Slapi_Mods *smods2, Slapi_Mods *smods3, Slapi_Mods *smods4)
{
backend *be;
ldbm_instance *inst;
@@ -1874,6 +1885,24 @@ modrdn_rename_entry_update_indexes(back_txn *ptxn, Slapi_PBlock *pb, struct ldbm
goto error_return;
}
}
+ if (smods4 != NULL && slapi_mods_get_num_mods(smods4) > 0) {
+ /*
+ * update the indexes: lastmod, rdn, etc.
+ */
+ retval = index_add_mods(be, slapi_mods_get_ldapmods_byref(smods4), e, *ec, ptxn);
+ if (DB_LOCK_DEADLOCK == retval) {
+ /* Retry txn */
+ slapi_log_err(SLAPI_LOG_BACKLDBM, "modrdn_rename_entry_update_indexes",
+ "index_add_mods4 deadlock\n");
+ goto error_return;
+ }
+ if (retval != 0) {
+ slapi_log_err(SLAPI_LOG_TRACE, "modrdn_rename_entry_update_indexes",
+ "index_add_mods 4 failed, err=%d %s\n",
+ retval, (msg = dblayer_strerror(retval)) ? msg : "");
+ goto error_return;
+ }
+ }
/*
* Remove the old entry from the Virtual List View indexes.
* Add the new entry to the Virtual List View indexes.
@@ -1991,7 +2020,7 @@ moddn_rename_child_entry(
* Update all the indexes.
*/
retval = modrdn_rename_entry_update_indexes(ptxn, pb, li, e, ec,
- smodsp, NULL, NULL);
+ smodsp, NULL, NULL, NULL);
/* JCMREPL - Should the children get updated modifiersname and lastmodifiedtime? */
slapi_mods_done(&smods);
}
diff --git a/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h b/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
index d75ea43..a20bf9b 100644
--- a/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
+++ b/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
@@ -323,6 +323,7 @@ int get_parent_rdn(DB *db, ID parentid, Slapi_RDN *srdn);
/*
* modify.c
*/
+int32_t entry_get_rdn_mods(Slapi_PBlock *pb, Slapi_Entry *entry, CSN *csn, int repl_op, Slapi_Mods **smods_ret);
int modify_update_all(backend *be, Slapi_PBlock *pb, modify_context *mc, back_txn *txn);
void modify_init(modify_context *mc, struct backentry *old_entry);
int modify_apply_mods(modify_context *mc, Slapi_Mods *smods);
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
3 years, 10 months
[389-ds-base] branch 389-ds-base-1.4.3 updated: Issue 50791 - Healthcheck should look for notes=A/F in access log
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new 81cca09 Issue 50791 - Healthcheck should look for notes=A/F in access log
81cca09 is described below
commit 81cca09ae9d3dc1dde5983dceb658e04700c25e7
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Thu Jun 11 15:30:28 2020 -0400
Issue 50791 - Healthcheck should look for notes=A/F in access log
Description: Add checks for notes=A (fully unindexed search) and
notes=F (Unknown attribute in search filter) in the
current access log.
relates: https://pagure.io/389-ds-base/issue/50791
Reviewed by: firstyear(Thanks!)
---
src/lib389/lib389/cli_ctl/health.py | 4 ++-
src/lib389/lib389/dirsrv_log.py | 72 +++++++++++++++++++++++++++++++++++--
src/lib389/lib389/lint.py | 26 ++++++++++++--
3 files changed, 96 insertions(+), 6 deletions(-)
diff --git a/src/lib389/lib389/cli_ctl/health.py b/src/lib389/lib389/cli_ctl/health.py
index 6333a75..89484a1 100644
--- a/src/lib389/lib389/cli_ctl/health.py
+++ b/src/lib389/lib389/cli_ctl/health.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -18,6 +18,7 @@ from lib389.monitor import MonitorDiskSpace
from lib389.replica import Replica, Changelog5
from lib389.nss_ssl import NssSsl
from lib389.dseldif import FSChecks, DSEldif
+from lib389.dirsrv_log import DirsrvAccessLog
from lib389 import lint
from lib389 import plugins
from lib389._constants import DSRC_HOME
@@ -37,6 +38,7 @@ CHECK_OBJECTS = [
Changelog5,
DSEldif,
NssSsl,
+ DirsrvAccessLog,
]
diff --git a/src/lib389/lib389/dirsrv_log.py b/src/lib389/lib389/dirsrv_log.py
index baac2a3..7bed4bb 100644
--- a/src/lib389/lib389/dirsrv_log.py
+++ b/src/lib389/lib389/dirsrv_log.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2016 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -9,12 +9,17 @@
"""Helpers for managing the directory server internal logs.
"""
+import copy
import re
import gzip
from dateutil.parser import parse as dt_parse
from glob import glob
from lib389.utils import ensure_bytes
-
+from lib389._mapped_object_lint import DSLint
+from lib389.lint import (
+ DSLOGNOTES0001, # Unindexed search
+ DSLOGNOTES0002, # Unknown attr in search filter
+)
# Because many of these settings can change live, we need to check for certain
# attributes all the time.
@@ -35,7 +40,7 @@ MONTH_LOOKUP = {
}
-class DirsrvLog(object):
+class DirsrvLog(DSLint):
"""Class of functions to working with the various DIrectory Server logs
"""
def __init__(self, dirsrv):
@@ -189,6 +194,67 @@ class DirsrvAccessLog(DirsrvLog):
self.full_regexs = [self.prog_m1, self.prog_con, self.prog_discon]
self.result_regexs = [self.prog_notes, self.prog_repl,
self.prog_result]
+ @classmethod
+ def lint_uid(cls):
+ return 'logs'
+
+ def _log_get_search_stats(self, conn, op):
+ lines = self.match(f".* conn={conn} op={op} SRCH base=.*")
+ if len(lines) != 1:
+ return None
+
+ quoted_vals = re.findall('"([^"]*)"', lines[0])
+ return {
+ 'base': quoted_vals[0],
+ 'filter': quoted_vals[1],
+ 'timestamp': re.findall('\[(.*)\]', lines[0])[0],
+ 'scope': lines[0].split(' scope=', 1)[1].split(' ',1)[0]
+ }
+
+ def _lint_notes(self):
+ """
+ Check for notes=A (fully unindexed searches), and
+ notes=F (unknown attribute in filter)
+ """
+ for pattern, lint_report in [(".* notes=A", DSLOGNOTES0001), (".* notes=F", DSLOGNOTES0002)]:
+ lines = self.match(pattern)
+ if len(lines) > 0:
+ count = 0
+ searches = []
+ for line in lines:
+ if ' RESULT err=' in line:
+ # Looks like a valid notes=A/F
+ conn = line.split(' conn=', 1)[1].split(' ',1)[0]
+ op = line.split(' op=', 1)[1].split(' ',1)[0]
+ etime = line.split(' etime=', 1)[1].split(' ',1)[0]
+ stats = self._log_get_search_stats(conn, op)
+ if stats is not None:
+ timestamp = stats['timestamp']
+ base = stats['base']
+ scope = stats['scope']
+ srch_filter = stats['filter']
+ count += 1
+ if lint_report == DSLOGNOTES0001:
+ searches.append(f'\n [{count}] Unindexed Search\n'
+ f' - date: {timestamp}\n'
+ f' - conn/op: {conn}/{op}\n'
+ f' - base: {base}\n'
+ f' - scope: {scope}\n'
+ f' - filter: {srch_filter}\n'
+ f' - etime: {etime}\n')
+ else:
+ searches.append(f'\n [{count}] Invalid Attribute in Filter\n'
+ f' - date: {timestamp}\n'
+ f' - conn/op: {conn}/{op}\n'
+ f' - filter: {srch_filter}\n')
+ if len(searches) > 0:
+ report = copy.deepcopy(lint_report)
+ report['items'].append(self._get_log_path())
+ report['detail'] = report['detail'].replace('NUMBER', str(count))
+ for srch in searches:
+ report['detail'] += srch
+ yield report
+
def _get_log_path(self):
"""Return the current log file location"""
diff --git a/src/lib389/lib389/lint.py b/src/lib389/lib389/lint.py
index a103fee..4b1700b 100644
--- a/src/lib389/lib389/lint.py
+++ b/src/lib389/lib389/lint.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -253,7 +253,7 @@ can use the CLI tool "dsconf" to resolve the conflict. Here is an example:
Remove conflict entry and keep only the original/counterpart entry:
- # dsconf slapd-YOUR_INSTANCE repl-conflict remove <DN of conflict entry>
+ # dsconf slapd-YOUR_INSTANCE repl-conflict delete <DN of conflict entry>
Replace the original/counterpart entry with the conflict entry:
@@ -418,3 +418,25 @@ until the time issues have been resolved:
Also look at https://access.redhat.com/documentation/en-us/red_hat_directory_server/11...
and find the paragraph "Too much time skew"."""
}
+
+DSLOGNOTES0001 = {
+ 'dsle': 'DSLOGNOTES0001',
+ 'severity': 'Medium',
+ 'description': 'Unindexed Search',
+ 'items': ['Performance'],
+ 'detail': """Found NUMBER fully unindexed searches in the current access log.
+Unindexed searches can cause high CPU and slow down the entire server's performance.\n""",
+ 'fix': """Examine the searches that are unindexed, and either properly index the attributes
+in the filter, increase the nsslapd-idlistscanlimit, or stop using that filter."""
+}
+
+DSLOGNOTES0002 = {
+ 'dsle': 'DSLOGNOTES0002',
+ 'severity': 'Medium',
+ 'description': 'Unknown Attribute In Filter',
+ 'items': ['Possible Performance Impact'],
+ 'detail': """Found NUMBER searches in the current access log that are using an
+unknown attribute in the search filter.\n""",
+ 'fix': """Stop using this these unknown attributes in the filter, or add the schema
+to the server and make sure it's properly indexed."""
+}
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
3 years, 10 months
[389-ds-base] branch 389-ds-base-1.4.2 updated: Issue 51072 - Set the default minimum worker threads
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.2
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.2 by this push:
new 0b9d9e9 Issue 51072 - Set the default minimum worker threads
0b9d9e9 is described below
commit 0b9d9e9c753012625ea6c3a6e52a74ae753491d2
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Thu Jun 11 16:28:17 2020 -0400
Issue 51072 - Set the default minimum worker threads
Description: Testing has shown that using current number of CPU cores
to set the thread number gives the best performance, but
when there are expensive operations total throughput drops.
We still need a minimum number of workers threads to handle
a wide range of operations. We decided for now that the
minimum should be 16 workers.
relates: https://pagure.io/389-ds-base/issue/51072
Reviewed by: tbordaz & firstyear (Thanks!!)
Define MAX and MIN threads, and improve logging
---
ldap/servers/slapd/libglobs.c | 5 -----
ldap/servers/slapd/util.c | 45 +++++++++++++++++++++++++++++--------------
2 files changed, 31 insertions(+), 19 deletions(-)
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 4b8c39c..3542e3f 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -5848,11 +5848,6 @@ config_get_threadnumber(void)
retVal = util_get_hardware_threads();
}
- /* We *still* can't detect hardware threads. Okay, return 30 :( */
- if (retVal <= 0) {
- retVal = 30;
- }
-
return retVal;
}
diff --git a/ldap/servers/slapd/util.c b/ldap/servers/slapd/util.c
index f380ba8..442a83b 100644
--- a/ldap/servers/slapd/util.c
+++ b/ldap/servers/slapd/util.c
@@ -26,6 +26,7 @@
#include "snmp_collator.h"
#include <sys/time.h>
#include <sys/resource.h>
+#include <errno.h>
#define UTIL_ESCAPE_NONE 0
#define UTIL_ESCAPE_HEX 1
@@ -40,6 +41,9 @@
#define FILTER_BUF 128 /* initial buffer size for attr value */
#define BUF_INCR 16 /* the amount to increase the FILTER_BUF once it fills up */
+#define MIN_THREADS 16
+#define MAX_THREADS 512
+
/* slapi-private contains the pal. */
#include <slapi-private.h>
@@ -1487,26 +1491,39 @@ util_is_cachesize_sane(slapi_pal_meminfo *mi, uint64_t *cachesize)
long
util_get_hardware_threads(void)
{
+ long threads = MIN_THREADS;
#ifdef LINUX
long hw_threads = sysconf(_SC_NPROCESSORS_ONLN);
- long threads = 0;
- slapi_log_err(SLAPI_LOG_TRACE, "util_get_hardware_threads", "Detected %lu hardware threads\n", threads);
- if (hw_threads == 0) {
- /* Error! */
- threads = -1;
- } else if (hw_threads < 512) {
- threads = hw_threads;
- } else {
- /* Cap at 512 for now ... */
- threads = 512;
+
+ slapi_log_err(SLAPI_LOG_TRACE, "util_get_hardware_threads",
+ "Detected %ld hardware threads\n", hw_threads);
+
+ if (hw_threads == -1) {
+ /* sysconf failed, use MIN_THREADS */
+ slapi_log_err(SLAPI_LOG_ERR, "util_get_hardware_threads",
+ "Failed to get hardware threads. Error (%d) %s\n",
+ errno, slapd_system_strerror(errno));
+ } else if (hw_threads == 0) {
+ /* sysconf failed to find any processors, use MIN_THREADS */
+ slapi_log_err(SLAPI_LOG_ERR, "util_get_hardware_threads",
+ "Cannot detect any hardware threads.\n");
+ } else if (hw_threads > MIN_THREADS) {
+ if (hw_threads < MAX_THREADS) {
+ threads = hw_threads;
+ } else {
+ /* Cap at 512 for now ... */
+ threads = MAX_THREADS;
+ }
}
- slapi_log_err(SLAPI_LOG_INFO, "util_get_hardware_threads", "Automatically configuring %lu threads\n", threads);
+
+ slapi_log_err(SLAPI_LOG_INFO, "util_get_hardware_threads", "Automatically configuring %ld threads\n", threads);
return threads;
#else
- slapi_log_err(SLAPI_LOG_ERR, "util_get_hardware_threads", "ERROR: Cannot detect hardware threads on this platform. This is probably a bug!\n");
- /* Can't detect threads on this platform! */
- return -1;
+ slapi_log_err(SLAPI_LOG_ERR, "util_get_hardware_threads",
+ "ERROR: Cannot detect hardware threads on this platform. This is probably a bug!\n");
+ /* Can't detect threads on this platform! Return the default thread number */
+ return threads;
#endif
}
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
3 years, 10 months
[389-ds-base] branch 389-ds-base-1.4.3 updated: Issue 51072 - Set the default minimum worker threads
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new 796ca36 Issue 51072 - Set the default minimum worker threads
796ca36 is described below
commit 796ca36dd83096ce050d82c9948a8094c90b2302
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Thu Jun 11 16:28:17 2020 -0400
Issue 51072 - Set the default minimum worker threads
Description: Testing has shown that using current number of CPU cores
to set the thread number gives the best performance, but
when there are expensive operations total throughput drops.
We still need a minimum number of workers threads to handle
a wide range of operations. We decided for now that the
minimum should be 16 workers.
relates: https://pagure.io/389-ds-base/issue/51072
Reviewed by: tbordaz & firstyear (Thanks!!)
Define MAX and MIN threads, and improve logging
---
ldap/servers/slapd/libglobs.c | 5 -----
ldap/servers/slapd/util.c | 45 +++++++++++++++++++++++++++++--------------
2 files changed, 31 insertions(+), 19 deletions(-)
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index fbf90d9..d540d84 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -5905,11 +5905,6 @@ config_get_threadnumber(void)
retVal = util_get_hardware_threads();
}
- /* We *still* can't detect hardware threads. Okay, return 30 :( */
- if (retVal <= 0) {
- retVal = 30;
- }
-
return retVal;
}
diff --git a/ldap/servers/slapd/util.c b/ldap/servers/slapd/util.c
index fc67d70..fda4fdf 100644
--- a/ldap/servers/slapd/util.c
+++ b/ldap/servers/slapd/util.c
@@ -26,6 +26,7 @@
#include "snmp_collator.h"
#include <sys/time.h>
#include <sys/resource.h>
+#include <errno.h>
#define UTIL_ESCAPE_NONE 0
#define UTIL_ESCAPE_HEX 1
@@ -40,6 +41,9 @@
#define FILTER_BUF 128 /* initial buffer size for attr value */
#define BUF_INCR 16 /* the amount to increase the FILTER_BUF once it fills up */
+#define MIN_THREADS 16
+#define MAX_THREADS 512
+
/* slapi-private contains the pal. */
#include <slapi-private.h>
@@ -1487,26 +1491,39 @@ util_is_cachesize_sane(slapi_pal_meminfo *mi, uint64_t *cachesize)
long
util_get_hardware_threads(void)
{
+ long threads = MIN_THREADS;
#ifdef LINUX
long hw_threads = sysconf(_SC_NPROCESSORS_ONLN);
- long threads = 0;
- slapi_log_err(SLAPI_LOG_TRACE, "util_get_hardware_threads", "Detected %lu hardware threads\n", threads);
- if (hw_threads == 0) {
- /* Error! */
- threads = -1;
- } else if (hw_threads < 512) {
- threads = hw_threads;
- } else {
- /* Cap at 512 for now ... */
- threads = 512;
+
+ slapi_log_err(SLAPI_LOG_TRACE, "util_get_hardware_threads",
+ "Detected %ld hardware threads\n", hw_threads);
+
+ if (hw_threads == -1) {
+ /* sysconf failed, use MIN_THREADS */
+ slapi_log_err(SLAPI_LOG_ERR, "util_get_hardware_threads",
+ "Failed to get hardware threads. Error (%d) %s\n",
+ errno, slapd_system_strerror(errno));
+ } else if (hw_threads == 0) {
+ /* sysconf failed to find any processors, use MIN_THREADS */
+ slapi_log_err(SLAPI_LOG_ERR, "util_get_hardware_threads",
+ "Cannot detect any hardware threads.\n");
+ } else if (hw_threads > MIN_THREADS) {
+ if (hw_threads < MAX_THREADS) {
+ threads = hw_threads;
+ } else {
+ /* Cap at 512 for now ... */
+ threads = MAX_THREADS;
+ }
}
- slapi_log_err(SLAPI_LOG_INFO, "util_get_hardware_threads", "Automatically configuring %lu threads\n", threads);
+
+ slapi_log_err(SLAPI_LOG_INFO, "util_get_hardware_threads", "Automatically configuring %ld threads\n", threads);
return threads;
#else
- slapi_log_err(SLAPI_LOG_ERR, "util_get_hardware_threads", "ERROR: Cannot detect hardware threads on this platform. This is probably a bug!\n");
- /* Can't detect threads on this platform! */
- return -1;
+ slapi_log_err(SLAPI_LOG_ERR, "util_get_hardware_threads",
+ "ERROR: Cannot detect hardware threads on this platform. This is probably a bug!\n");
+ /* Can't detect threads on this platform! Return the default thread number */
+ return threads;
#endif
}
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
3 years, 10 months
[389-ds-base] branch 389-ds-base-1.4.3 updated: Issue 50912 - pwdReset can be modified by a user
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new a87fc40 Issue 50912 - pwdReset can be modified by a user
a87fc40 is described below
commit a87fc40e2831be181a39ecb5309d05ce67342d9d
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Thu Jun 11 15:47:43 2020 -0400
Issue 50912 - pwdReset can be modified by a user
Description: The attribute "pwdReset" should only be allowed to be set by the
server. Update schema definition to include NO-USER-MODIFICATION
relates: https://pagure.io/389-ds-base/issue/50912
Reviewed by: mreynolds(one line commit rule)
---
ldap/schema/02common.ldif | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ldap/schema/02common.ldif b/ldap/schema/02common.ldif
index 966636b..c6dc074 100644
--- a/ldap/schema/02common.ldif
+++ b/ldap/schema/02common.ldif
@@ -76,7 +76,7 @@ attributeTypes: ( 2.16.840.1.113730.3.1.2349 NAME ( 'passwordDictCheck' 'pwdDict
attributeTypes: ( 2.16.840.1.113730.3.1.2350 NAME ( 'passwordDictPath' 'pwdDictPath' ) DESC '389 Directory Server password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN '389 Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2351 NAME ( 'passwordUserAttributes' 'pwdUserAttributes' ) DESC '389 Directory Server password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN '389 Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2352 NAME ( 'passwordBadWords' 'pwdBadWords' ) DESC '389 Directory Server password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN '389 Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.2366 NAME 'pwdReset' DESC '389 Directory Server password policy attribute type' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation X-ORIGIN '389 Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2366 NAME 'pwdReset' DESC '389 Directory Server password policy attribute type' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN '389 Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.198 NAME 'memberURL' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.199 NAME 'memberCertificateDescription' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.207 NAME 'vlvBase' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape Directory Server' )
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
3 years, 10 months
[389-ds-base] branch master updated: Issue 50912 - pwdReset can be modified by a user
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch master
in repository 389-ds-base.
The following commit(s) were added to refs/heads/master by this push:
new 3ddcc62 Issue 50912 - pwdReset can be modified by a user
3ddcc62 is described below
commit 3ddcc62065470ea7230109f892449e0ab65c9e00
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Thu Jun 11 15:47:43 2020 -0400
Issue 50912 - pwdReset can be modified by a user
Description: The attribute "pwdReset" should only be allowed to be set by the
server. Update schema definition to include NO-USER-MODIFICATION
relates: https://pagure.io/389-ds-base/issue/50912
Reviewed by: mreynolds(one line commit rule)
---
ldap/schema/02common.ldif | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ldap/schema/02common.ldif b/ldap/schema/02common.ldif
index 612c516..2b88b48 100644
--- a/ldap/schema/02common.ldif
+++ b/ldap/schema/02common.ldif
@@ -77,7 +77,7 @@ attributeTypes: ( 2.16.840.1.113730.3.1.2349 NAME ( 'passwordDictCheck' 'pwdDict
attributeTypes: ( 2.16.840.1.113730.3.1.2350 NAME ( 'passwordDictPath' 'pwdDictPath' ) DESC '389 Directory Server password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN '389 Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2351 NAME ( 'passwordUserAttributes' 'pwdUserAttributes' ) DESC '389 Directory Server password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN '389 Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2352 NAME ( 'passwordBadWords' 'pwdBadWords' ) DESC '389 Directory Server password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN '389 Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.2366 NAME 'pwdReset' DESC '389 Directory Server password policy attribute type' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation X-ORIGIN '389 Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2366 NAME 'pwdReset' DESC '389 Directory Server password policy attribute type' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN '389 Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.198 NAME 'memberURL' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.199 NAME 'memberCertificateDescription' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.207 NAME 'vlvBase' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape Directory Server' )
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
3 years, 10 months
[389-ds-base] branch master updated: Issue 50781 - Make building cockpit plugin optional
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
vashirov pushed a commit to branch master
in repository 389-ds-base.
The following commit(s) were added to refs/heads/master by this push:
new e9626cc Issue 50781 - Make building cockpit plugin optional
e9626cc is described below
commit e9626cc7ace9ecd4a4f9cf49cf8087cff3bb2720
Author: Viktor Ashirov <vashirov(a)redhat.com>
AuthorDate: Wed Jun 10 13:24:02 2020 +0200
Issue 50781 - Make building cockpit plugin optional
Bug description:
Cockpit plugin should be optional, but not disabled by default.
Fix description:
Change the default to COCKPIT_ON = 1
Relates: https://pagure.io/389-ds-base/issue/50781
Reviewed by: mreynolds (Thanks!)
---
rpm.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rpm.mk b/rpm.mk
index 480a1d7..40c8619 100644
--- a/rpm.mk
+++ b/rpm.mk
@@ -27,7 +27,7 @@ UBSAN_ON = 0
RUST_ON = 0
-COCKPIT_ON = 0
+COCKPIT_ON = 1
# PERL_ON is deprecated and turns on the LEGACY_ON, this for not breaking people's workflows.
PERL_ON = 1
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
3 years, 10 months
[389-ds-base] branch 389-ds-base-1.4.2 updated: Issue 51136 - dsctl and dsidm do not errors correctly when using JSON
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.2
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.2 by this push:
new d3e9456 Issue 51136 - dsctl and dsidm do not errors correctly when using JSON
d3e9456 is described below
commit d3e9456ca64105c3296a8421c14815b4bfd095f2
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Fri Jun 5 11:21:52 2020 -0400
Issue 51136 - dsctl and dsidm do not errors correctly when using JSON
Description: dsctl and dsidm were not returning errors in a JSON object
when the JSON CLI option is requested. This breaks the UI
when errors occur.
fixes: https://pagure.io/389-ds-base/issue/51136
Reviewed by: firstyear & spichugi(Thanks!)
---
src/lib389/cli/dsconf | 4 ++--
src/lib389/cli/dscreate | 2 +-
src/lib389/cli/dsctl | 5 ++++-
src/lib389/cli/dsidm | 5 ++++-
src/lib389/lib389/__init__.py | 6 +++---
src/lib389/lib389/agreement.py | 8 ++++----
src/lib389/lib389/cli_conf/plugins/automember.py | 6 +++---
src/lib389/lib389/cli_conf/plugins/dna.py | 6 +++---
src/lib389/lib389/cli_conf/plugins/linkedattr.py | 4 ++--
src/lib389/lib389/cli_conf/plugins/managedentries.py | 6 +++---
src/lib389/lib389/cli_conf/plugins/passthroughauth.py | 7 ++++---
src/lib389/lib389/cli_conf/security.py | 2 +-
src/lib389/lib389/cli_idm/__init__.py | 5 +++--
13 files changed, 37 insertions(+), 29 deletions(-)
diff --git a/src/lib389/cli/dsconf b/src/lib389/cli/dsconf
index 5143756..71fc2b6 100755
--- a/src/lib389/cli/dsconf
+++ b/src/lib389/cli/dsconf
@@ -1,7 +1,7 @@
#!/usr/bin/python3
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2016 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -139,7 +139,7 @@ if __name__ == '__main__':
msg = format_error_to_dict(e)
if args and args.json:
- sys.stderr.write(json.dumps(msg))
+ sys.stderr.write(json.dumps(msg, indent=4))
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/cli/dscreate b/src/lib389/cli/dscreate
index 083c30c..dc4c706 100755
--- a/src/lib389/cli/dscreate
+++ b/src/lib389/cli/dscreate
@@ -80,7 +80,7 @@ if __name__ == '__main__':
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
if args and args.json:
- sys.stderr.write(json.dumps(msg))
+ sys.stderr.write(json.dumps(msg, indent=4))
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/cli/dsctl b/src/lib389/cli/dsctl
index 0a5f73b..758c7ca 100755
--- a/src/lib389/cli/dsctl
+++ b/src/lib389/cli/dsctl
@@ -140,7 +140,10 @@ if __name__ == '__main__':
except Exception as e:
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
- log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
+ if args.json:
+ sys.stderr.write(json.dumps(msg, indent=4))
+ else:
+ log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
disconnect_instance(inst)
diff --git a/src/lib389/cli/dsidm b/src/lib389/cli/dsidm
index fb0b6a2..ae38d14 100755
--- a/src/lib389/cli/dsidm
+++ b/src/lib389/cli/dsidm
@@ -133,7 +133,10 @@ if __name__ == '__main__':
except Exception as e:
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
- log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
+ if args.json:
+ sys.stderr.write(json.dumps(msg, indent=4))
+ else:
+ log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
disconnect_instance(inst)
diff --git a/src/lib389/lib389/__init__.py b/src/lib389/lib389/__init__.py
index ef8683b..3bb80ab 100644
--- a/src/lib389/lib389/__init__.py
+++ b/src/lib389/lib389/__init__.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# Copyright (C) 2019 William Brown <william(a)blackhats.net.au>
# All rights reserved.
#
@@ -2955,7 +2955,7 @@ class DirSrv(SimpleLDAPObject, object):
self.log.info('Backup: %s - %s (%s)', bak, bak_date, bak_size)
if use_json:
- print(json.dumps(json_result))
+ print(json.dumps(json_result, indent=4))
return True
@@ -2999,7 +2999,7 @@ class DirSrv(SimpleLDAPObject, object):
self.log.info('{} ({}), Created ({}), Size ({})'.format(ldif_file, ldif_suffix, ldif_date, ldif_size))
if use_json:
- print(json.dumps(json_result))
+ print(json.dumps(json_result, indent=4))
return True
diff --git a/src/lib389/lib389/agreement.py b/src/lib389/lib389/agreement.py
index e2b0dc3..efcd507 100644
--- a/src/lib389/lib389/agreement.py
+++ b/src/lib389/lib389/agreement.py
@@ -229,7 +229,7 @@ class Agreement(DSLdapObject):
'con_maxcsn': con_maxcsn,
'state': agmt_status['state'],
'reason': agmt_status['message']
- })
+ }, indent=4)
else:
return "In Synchronization"
except:
@@ -253,7 +253,7 @@ class Agreement(DSLdapObject):
'con_maxcsn': con_maxcsn,
'state': agmt_status['state'],
'reason': repl_msg
- })
+ }, indent=4)
else:
return ("Not in Synchronization: supplier " +
"(%s) consumer (%s) State (%s) Reason (%s)" %
@@ -337,7 +337,7 @@ class Agreement(DSLdapObject):
status = str(e)
if just_status:
if use_json:
- return (json.dumps(status))
+ return (json.dumps(status, indent=4))
else:
return status
@@ -387,7 +387,7 @@ class Agreement(DSLdapObject):
'replication-status': [status],
'replication-lag-time': [lag_time]
}
- return (json.dumps(result))
+ return (json.dumps(result, indent=4))
else:
retstr = (
"Status For Agreement: \"%(cn)s\" (%(nsDS5ReplicaHost)s:"
diff --git a/src/lib389/lib389/cli_conf/plugins/automember.py b/src/lib389/lib389/cli_conf/plugins/automember.py
index bc5e55e..cccfbd7 100644
--- a/src/lib389/lib389/cli_conf/plugins/automember.py
+++ b/src/lib389/lib389/cli_conf/plugins/automember.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -37,7 +37,7 @@ def definition_list(inst, basedn, log, args):
else:
result.append(definition.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
@@ -94,7 +94,7 @@ def regex_list(inst, basedn, log, args):
else:
result.append(regex.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
diff --git a/src/lib389/lib389/cli_conf/plugins/dna.py b/src/lib389/lib389/cli_conf/plugins/dna.py
index a86034d..2904b04 100644
--- a/src/lib389/lib389/cli_conf/plugins/dna.py
+++ b/src/lib389/lib389/cli_conf/plugins/dna.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -62,7 +62,7 @@ def dna_list(inst, basedn, log, args):
else:
result.append(config.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
@@ -125,7 +125,7 @@ def dna_config_list(inst, basedn, log, args):
else:
result.append(config.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
diff --git a/src/lib389/lib389/cli_conf/plugins/linkedattr.py b/src/lib389/lib389/cli_conf/plugins/linkedattr.py
index 12b75e1..5a69eb2 100644
--- a/src/lib389/lib389/cli_conf/plugins/linkedattr.py
+++ b/src/lib389/lib389/cli_conf/plugins/linkedattr.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# Copyright (C) 2019 William Brown <william(a)blackhats.net.au>
# All rights reserved.
#
@@ -30,7 +30,7 @@ def linkedattr_list(inst, basedn, log, args):
else:
result.append(config.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
diff --git a/src/lib389/lib389/cli_conf/plugins/managedentries.py b/src/lib389/lib389/cli_conf/plugins/managedentries.py
index 99ffc94..478efeb 100644
--- a/src/lib389/lib389/cli_conf/plugins/managedentries.py
+++ b/src/lib389/lib389/cli_conf/plugins/managedentries.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -48,7 +48,7 @@ def mep_config_list(inst, basedn, log, args):
else:
result.append(config.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
@@ -113,7 +113,7 @@ def mep_template_list(inst, basedn, log, args):
else:
result.append(template.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
diff --git a/src/lib389/lib389/cli_conf/plugins/passthroughauth.py b/src/lib389/lib389/cli_conf/plugins/passthroughauth.py
index dc115e0..7198d86 100644
--- a/src/lib389/lib389/cli_conf/plugins/passthroughauth.py
+++ b/src/lib389/lib389/cli_conf/plugins/passthroughauth.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -73,7 +73,8 @@ def pta_list(inst, basedn, log, args):
urls = plugin.get_urls()
if args.json:
log.info(json.dumps({"type": "list",
- "items": [{"id": id, "url": value} for id, value in urls.items()]}))
+ "items": [{"id": id, "url": value} for id, value in urls.items()]},
+ indent=4))
else:
if len(urls) > 0:
for _, value in urls.items():
@@ -138,7 +139,7 @@ def pam_pta_list(inst, basedn, log, args):
else:
result.append(config.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
diff --git a/src/lib389/lib389/cli_conf/security.py b/src/lib389/lib389/cli_conf/security.py
index c565974..0a119e3 100644
--- a/src/lib389/lib389/cli_conf/security.py
+++ b/src/lib389/lib389/cli_conf/security.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
diff --git a/src/lib389/lib389/cli_idm/__init__.py b/src/lib389/lib389/cli_idm/__init__.py
index 28648ad..59aedd9 100644
--- a/src/lib389/lib389/cli_idm/__init__.py
+++ b/src/lib389/lib389/cli_idm/__init__.py
@@ -1,5 +1,6 @@
# --- BEGIN COPYRIGHT BLOCK ---
# Copyright (C) 2016, William Brown <william at blackhats.net.au>
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -65,7 +66,7 @@ def _generic_list(inst, basedn, log, manager_class, args=None):
ol = mc.list()
if len(ol) == 0:
if args and args.json:
- print(json.dumps({"type": "list", "items": []}))
+ print(json.dumps({"type": "list", "items": []}, indent=4))
else:
log.info("No objects to display")
elif len(ol) > 0:
@@ -79,7 +80,7 @@ def _generic_list(inst, basedn, log, manager_class, args=None):
else:
log.info(o_str)
if args and args.json:
- print(json.dumps(json_result))
+ print(json.dumps(json_result, indent=4))
# Display these entries better!
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
3 years, 10 months
[389-ds-base] branch 389-ds-base-1.4.3 updated: Issue 51136 - dsctl and dsidm do not errors correctly when using JSON
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new a8eca1a Issue 51136 - dsctl and dsidm do not errors correctly when using JSON
a8eca1a is described below
commit a8eca1addd67fa76936a545d3c65eee2714bbad6
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Fri Jun 5 11:21:52 2020 -0400
Issue 51136 - dsctl and dsidm do not errors correctly when using JSON
Description: dsctl and dsidm were not returning errors in a JSON object
when the JSON CLI option is requested. This breaks the UI
when errors occur.
fixes: https://pagure.io/389-ds-base/issue/51136
Reviewed by: firstyear & spichugi(Thanks!)
---
src/lib389/cli/dsconf | 4 ++--
src/lib389/cli/dscreate | 2 +-
src/lib389/cli/dsctl | 5 ++++-
src/lib389/cli/dsidm | 5 ++++-
src/lib389/lib389/__init__.py | 6 +++---
src/lib389/lib389/agreement.py | 8 ++++----
src/lib389/lib389/cli_conf/plugins/automember.py | 6 +++---
src/lib389/lib389/cli_conf/plugins/dna.py | 6 +++---
src/lib389/lib389/cli_conf/plugins/linkedattr.py | 4 ++--
src/lib389/lib389/cli_conf/plugins/managedentries.py | 6 +++---
src/lib389/lib389/cli_conf/plugins/passthroughauth.py | 7 ++++---
src/lib389/lib389/cli_conf/security.py | 2 +-
src/lib389/lib389/cli_idm/__init__.py | 5 +++--
13 files changed, 37 insertions(+), 29 deletions(-)
diff --git a/src/lib389/cli/dsconf b/src/lib389/cli/dsconf
index 5143756..71fc2b6 100755
--- a/src/lib389/cli/dsconf
+++ b/src/lib389/cli/dsconf
@@ -1,7 +1,7 @@
#!/usr/bin/python3
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2016 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -139,7 +139,7 @@ if __name__ == '__main__':
msg = format_error_to_dict(e)
if args and args.json:
- sys.stderr.write(json.dumps(msg))
+ sys.stderr.write(json.dumps(msg, indent=4))
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/cli/dscreate b/src/lib389/cli/dscreate
index 083c30c..dc4c706 100755
--- a/src/lib389/cli/dscreate
+++ b/src/lib389/cli/dscreate
@@ -80,7 +80,7 @@ if __name__ == '__main__':
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
if args and args.json:
- sys.stderr.write(json.dumps(msg))
+ sys.stderr.write(json.dumps(msg, indent=4))
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/cli/dsctl b/src/lib389/cli/dsctl
index 9deda70..21aabd1 100755
--- a/src/lib389/cli/dsctl
+++ b/src/lib389/cli/dsctl
@@ -140,7 +140,10 @@ if __name__ == '__main__':
except Exception as e:
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
- log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
+ if args.json:
+ sys.stderr.write(json.dumps(msg, indent=4))
+ else:
+ log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
disconnect_instance(inst)
diff --git a/src/lib389/cli/dsidm b/src/lib389/cli/dsidm
index fb0b6a2..ae38d14 100755
--- a/src/lib389/cli/dsidm
+++ b/src/lib389/cli/dsidm
@@ -133,7 +133,10 @@ if __name__ == '__main__':
except Exception as e:
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
- log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
+ if args.json:
+ sys.stderr.write(json.dumps(msg, indent=4))
+ else:
+ log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
disconnect_instance(inst)
diff --git a/src/lib389/lib389/__init__.py b/src/lib389/lib389/__init__.py
index 0ff1ab1..4d2a8b4 100644
--- a/src/lib389/lib389/__init__.py
+++ b/src/lib389/lib389/__init__.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# Copyright (C) 2019 William Brown <william(a)blackhats.net.au>
# All rights reserved.
#
@@ -2968,7 +2968,7 @@ class DirSrv(SimpleLDAPObject, object):
self.log.info('Backup: %s - %s (%s)', bak, bak_date, bak_size)
if use_json:
- print(json.dumps(json_result))
+ print(json.dumps(json_result, indent=4))
return True
@@ -3012,7 +3012,7 @@ class DirSrv(SimpleLDAPObject, object):
self.log.info('{} ({}), Created ({}), Size ({})'.format(ldif_file, ldif_suffix, ldif_date, ldif_size))
if use_json:
- print(json.dumps(json_result))
+ print(json.dumps(json_result, indent=4))
return True
diff --git a/src/lib389/lib389/agreement.py b/src/lib389/lib389/agreement.py
index e2b0dc3..efcd507 100644
--- a/src/lib389/lib389/agreement.py
+++ b/src/lib389/lib389/agreement.py
@@ -229,7 +229,7 @@ class Agreement(DSLdapObject):
'con_maxcsn': con_maxcsn,
'state': agmt_status['state'],
'reason': agmt_status['message']
- })
+ }, indent=4)
else:
return "In Synchronization"
except:
@@ -253,7 +253,7 @@ class Agreement(DSLdapObject):
'con_maxcsn': con_maxcsn,
'state': agmt_status['state'],
'reason': repl_msg
- })
+ }, indent=4)
else:
return ("Not in Synchronization: supplier " +
"(%s) consumer (%s) State (%s) Reason (%s)" %
@@ -337,7 +337,7 @@ class Agreement(DSLdapObject):
status = str(e)
if just_status:
if use_json:
- return (json.dumps(status))
+ return (json.dumps(status, indent=4))
else:
return status
@@ -387,7 +387,7 @@ class Agreement(DSLdapObject):
'replication-status': [status],
'replication-lag-time': [lag_time]
}
- return (json.dumps(result))
+ return (json.dumps(result, indent=4))
else:
retstr = (
"Status For Agreement: \"%(cn)s\" (%(nsDS5ReplicaHost)s:"
diff --git a/src/lib389/lib389/cli_conf/plugins/automember.py b/src/lib389/lib389/cli_conf/plugins/automember.py
index bc5e55e..cccfbd7 100644
--- a/src/lib389/lib389/cli_conf/plugins/automember.py
+++ b/src/lib389/lib389/cli_conf/plugins/automember.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -37,7 +37,7 @@ def definition_list(inst, basedn, log, args):
else:
result.append(definition.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
@@ -94,7 +94,7 @@ def regex_list(inst, basedn, log, args):
else:
result.append(regex.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
diff --git a/src/lib389/lib389/cli_conf/plugins/dna.py b/src/lib389/lib389/cli_conf/plugins/dna.py
index a86034d..2904b04 100644
--- a/src/lib389/lib389/cli_conf/plugins/dna.py
+++ b/src/lib389/lib389/cli_conf/plugins/dna.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -62,7 +62,7 @@ def dna_list(inst, basedn, log, args):
else:
result.append(config.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
@@ -125,7 +125,7 @@ def dna_config_list(inst, basedn, log, args):
else:
result.append(config.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
diff --git a/src/lib389/lib389/cli_conf/plugins/linkedattr.py b/src/lib389/lib389/cli_conf/plugins/linkedattr.py
index 12b75e1..5a69eb2 100644
--- a/src/lib389/lib389/cli_conf/plugins/linkedattr.py
+++ b/src/lib389/lib389/cli_conf/plugins/linkedattr.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# Copyright (C) 2019 William Brown <william(a)blackhats.net.au>
# All rights reserved.
#
@@ -30,7 +30,7 @@ def linkedattr_list(inst, basedn, log, args):
else:
result.append(config.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
diff --git a/src/lib389/lib389/cli_conf/plugins/managedentries.py b/src/lib389/lib389/cli_conf/plugins/managedentries.py
index 99ffc94..478efeb 100644
--- a/src/lib389/lib389/cli_conf/plugins/managedentries.py
+++ b/src/lib389/lib389/cli_conf/plugins/managedentries.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -48,7 +48,7 @@ def mep_config_list(inst, basedn, log, args):
else:
result.append(config.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
@@ -113,7 +113,7 @@ def mep_template_list(inst, basedn, log, args):
else:
result.append(template.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
diff --git a/src/lib389/lib389/cli_conf/plugins/passthroughauth.py b/src/lib389/lib389/cli_conf/plugins/passthroughauth.py
index dc115e0..7198d86 100644
--- a/src/lib389/lib389/cli_conf/plugins/passthroughauth.py
+++ b/src/lib389/lib389/cli_conf/plugins/passthroughauth.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -73,7 +73,8 @@ def pta_list(inst, basedn, log, args):
urls = plugin.get_urls()
if args.json:
log.info(json.dumps({"type": "list",
- "items": [{"id": id, "url": value} for id, value in urls.items()]}))
+ "items": [{"id": id, "url": value} for id, value in urls.items()]},
+ indent=4))
else:
if len(urls) > 0:
for _, value in urls.items():
@@ -138,7 +139,7 @@ def pam_pta_list(inst, basedn, log, args):
else:
result.append(config.rdn)
if args.json:
- log.info(json.dumps({"type": "list", "items": result_json}))
+ log.info(json.dumps({"type": "list", "items": result_json}, indent=4))
else:
if len(result) > 0:
for i in result:
diff --git a/src/lib389/lib389/cli_conf/security.py b/src/lib389/lib389/cli_conf/security.py
index 86f9ec7..6d9fe1e 100644
--- a/src/lib389/lib389/cli_conf/security.py
+++ b/src/lib389/lib389/cli_conf/security.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2019 Red Hat, Inc.
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
diff --git a/src/lib389/lib389/cli_idm/__init__.py b/src/lib389/lib389/cli_idm/__init__.py
index 28648ad..59aedd9 100644
--- a/src/lib389/lib389/cli_idm/__init__.py
+++ b/src/lib389/lib389/cli_idm/__init__.py
@@ -1,5 +1,6 @@
# --- BEGIN COPYRIGHT BLOCK ---
# Copyright (C) 2016, William Brown <william at blackhats.net.au>
+# Copyright (C) 2020 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -65,7 +66,7 @@ def _generic_list(inst, basedn, log, manager_class, args=None):
ol = mc.list()
if len(ol) == 0:
if args and args.json:
- print(json.dumps({"type": "list", "items": []}))
+ print(json.dumps({"type": "list", "items": []}, indent=4))
else:
log.info("No objects to display")
elif len(ol) > 0:
@@ -79,7 +80,7 @@ def _generic_list(inst, basedn, log, manager_class, args=None):
else:
log.info(o_str)
if args and args.json:
- print(json.dumps(json_result))
+ print(json.dumps(json_result, indent=4))
# Display these entries better!
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
3 years, 10 months