Hi all,
I finally managed to run the upgrade from fedora36 to fedora38, both replicas work fine. A
minor caveat, though: I received an error about the replication topology which I'm not
sure whether it affects the normal functioning of FreeIPA, it looks like it doesn't.
Here's the error:
[snip]
+ read -r PATTERN
+ sed -i.bak -e '/^\s*dynamic-db/,/};/
{s/\(\s*\)arg\s\+\(["'\'']\)\([a-zA-Z_]\+\s\)/\1\3\2/g;s/^dynamic-db/dyndb/;s@\(dyndb
"[^"]\+"\)@\1 "/usr/lib64/bind/ldap.so"@;s@\(dyndb
'\''[^'\'']\+'\''\)@\1
'\''/usr/lib64/bind/ldap.so'\''@;/\s*library[^;]\+;/d;/\s*cache_ttl[^;]\+;/d;/\s*psearch[^;]\+;/d;/\s*serial_autoincrement[^;]\+;/d;/\s*zone_refresh[^;]\+;/d;}'
/data/etc/named.conf
+ test 2 -eq 1
+ test 2 -gt 1
+ /usr/bin/getcert remove-ca -c certmaster
No CA with name "certmaster" found.
+ :
+ test 2 -eq 1
Upgrading IPA:. Estimated time: 1 minute 30 seconds
[1/9]: saving configuration
[2/9]: disabling listeners
[3/9]: enabling DS global lock
[4/9]: disabling Schema Compat
[5/9]: starting directory server
[6/9]: updating schema
[7/9]: upgrading server
Error caught updating nsDS5ReplicatedAttributeList: Server is unwilling to perform: Entry
and attributes are managed by topology plugin.No direct modifications allowed.
Error caught updating nsDS5ReplicatedAttributeListTotal: Server is unwilling to perform:
Entry and attributes are managed by topology plugin.No direct modifications allowed.
[8/9]: stopping directory server
[9/9]: restoring configuration
Done.
Update complete
[snip]
The rest of the log goes on about checks and updates and reported no more errors nor
warnings.
I also checked with the tool "checkipaconsistency" I found on GitHub and replica
state is deemed OK (I added a new posix test group and it propagated immediately). Not too
worried about this but wondering if anyone here has more insight on the error above.
Thanks