|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
From aab181f0a952a56034278b13b1fdc224132d66f4 Mon Sep 17 00:00:00 2001
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
From: Rob Crittenden <rcritten@redhat.com>
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
Date: Tue, 7 Feb 2012 15:26:00 -0500
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
Subject: [PATCH] Add tool to add memberOf to replication attribute exclusion
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
list
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
We were creating replication agreements without excluding memberOf
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
which could cause unnecessary replication traffic.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
https://fedorahosted.org/freeipa/ticket/2218
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
---
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
install/tools/Makefile.am | 1 +
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
install/tools/ipa-fixreplica | 129 ++++++++++++++++++++++++++++++++++++
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
install/tools/man/Makefile.am | 1 +
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
install/tools/man/ipa-fixreplica.1 | 51 ++++++++++++++
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipaserver/install/replication.py | 29 +++++----
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
6 files changed, 203 insertions(+), 12 deletions(-)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
create mode 100755 install/tools/ipa-fixreplica
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
create mode 100644 install/tools/man/ipa-fixreplica.1
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
diff --git a/install/tools/Makefile.am b/install/tools/Makefile.am
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
index 7e071af..cf4d7fd 100644
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
--- a/install/tools/Makefile.am
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+++ b/install/tools/Makefile.am
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
@@ -12,6 +12,7 @@ sbin_SCRIPTS = \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipa-replica-install \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipa-replica-prepare \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipa-replica-manage \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ ipa-fixreplica \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipa-csreplica-manage \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipa-server-certinstall \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipactl \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
diff --git a/install/tools/ipa-fixreplica b/install/tools/ipa-fixreplica
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
new file mode 100755
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
index 0000000..e444853
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
--- /dev/null
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+++ b/install/tools/ipa-fixreplica
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
@@ -0,0 +1,129 @@
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+#!/usr/bin/python
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# Authors: Rob Crittenden <rcritten@redhat.com>
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+#
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# Copyright (C) 2012 Red Hat
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# see file 'COPYING' for use and warranty information
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+#
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# This program is free software; you can redistribute it and/or modify
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# it under the terms of the GNU General Public License as published by
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# the Free Software Foundation, either version 3 of the License, or
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# (at your option) any later version.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+#
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# This program is distributed in the hope that it will be useful,
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# GNU General Public License for more details.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+#
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# You should have received a copy of the GNU General Public License
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+#
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+import sys
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+import os
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+import pwd
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+try:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ from optparse import OptionParser
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ from ipapython import ipautil, config
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ from ipaserver import ipaldap
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ from ipaserver.install import installutils, replication
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ from ipaserver.plugins.ldap2 import ldap2
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ from ipalib import api, errors
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+except ImportError:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print >> sys.stderr, """\
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+There was a problem importing one of the required Python modules. The
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+error was:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ %s
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+""" % sys.exc_value
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ sys.exit(1)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+def parse_options():
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ usage = "%prog [options]\n"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ parser = OptionParser(usage=usage, formatter=config.IPAFormatter())
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ parser.add_option("-t", "--test", action="store_true", dest="test",
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ help="Run in test mode, no changes are applied")
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ parser.add_option("-d", "--debug", action="store_true", dest="debug",
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ help="Display debugging information about the update(s)")
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ parser.add_option("-y", dest="password",
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ help="File containing the Directory Manager password")
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ options, args = parser.parse_args()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ return options, args
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+def get_dirman_password():
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ """Prompt the user for the Directory Manager password and verify its
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ correctness.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ """
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ password = installutils.read_password("Directory Manager", confirm=False, validate=False)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ return password
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+def main():
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ retval = 0
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ options, args = parse_options()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ if os.getegid() == 0:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ installutils.standard_logging_setup("/var/log/ipaserver-fixreplica.log", options.debug, filemode='a')
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ api.bootstrap(context='cli', debug=options.debug)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ api.finalize()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ conn = None
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ dirman_password = ""
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ if os.getegid() == 0:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ conn = ipaldap.IPAdmin(api.env.host, ldapi=True, realm=api.env.realm)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ conn.do_external_bind(pwd.getpwuid(os.geteuid()).pw_name)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ else:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ if options.password:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ pw = ipautil.template_file(options.password, [])
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ dirman_password = pw.strip()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ else:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ dirman_password = get_dirman_password()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ if dirman_password is None:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ sys.exit("\nDirectory Manager password required")
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ repl = replication.ReplicationManager(api.env.realm, api.env.host,
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ dirman_password, conn=conn)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ entries = repl.find_replication_agreements()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print "Found %d agreement(s)" % len(entries)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ for replica in entries:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print "%s: " % replica.description
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ if 'memberof' not in replica.nsDS5ReplicatedAttributeList:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print " Attribute list needs updating"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ current = replica.toDict()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ replica.setValue('nsDS5ReplicatedAttributeList',
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ replica.nsDS5ReplicatedAttributeList + ' memberof')
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ if not options.test:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ try:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ repl.conn.updateEntry(replica.dn, current, replica.toDict())
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print " Updated"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ except Exception, e:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print "Error caught updating replica: %s" % str(e)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ retval = 1
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ else:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print " Test mode, not updating"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ retval = 2
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ else:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print " Attribute list ok"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ return retval
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+try:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ if __name__ == "__main__":
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ sys.exit(main())
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+except RuntimeError, e:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print "%s" % e
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ sys.exit(1)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+except SystemExit, e:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ sys.exit(e)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+except KeyboardInterrupt, e:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ sys.exit(1)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+except config.IPAConfigError, e:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print "IPA replica not configured."
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ sys.exit(0)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+except errors.LDAPError, e:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ print "An error occurred while performing operations: %s" % e
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ sys.exit(1)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
diff --git a/install/tools/man/Makefile.am b/install/tools/man/Makefile.am
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
index 43dc57f..fd219f1 100644
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
--- a/install/tools/man/Makefile.am
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+++ b/install/tools/man/Makefile.am
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
@@ -6,6 +6,7 @@ NULL=
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
man1_MANS = \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipa-replica-conncheck.1 \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ ipa-fixreplica.1 \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipa-replica-install.1 \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipa-replica-manage.1 \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
ipa-csreplica-manage.1 \
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
diff --git a/install/tools/man/ipa-fixreplica.1 b/install/tools/man/ipa-fixreplica.1
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
new file mode 100644
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
index 0000000..9af72cc
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
--- /dev/null
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+++ b/install/tools/man/ipa-fixreplica.1
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
@@ -0,0 +1,51 @@
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" A man page for ipa-fixreplica
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" Copyright (C) 2012 Red Hat, Inc.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" This program is free software; you can redistribute it and/or modify
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" it under the terms of the GNU General Public License as published by
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" the Free Software Foundation, either version 3 of the License, or
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" (at your option) any later version.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" This program is distributed in the hope that it will be useful, but
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" General Public License for more details.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" You should have received a copy of the GNU General Public License
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\" Author: Rob Crittenden <rcritten@redhat.com>
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.\"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.TH "ipa-fixreplica" "1" "Jan 6 2012" "FreeIPA" "FreeIPA Manual Pages"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.SH "NAME"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ipa\-fixreplica \- Add memberOf as excluded attribute to replication agreements
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.SH "SYNOPSIS"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ipa\-fixreplica [options]
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.SH "DESCRIPTION"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+The memberOf attribute was not properly added to some replication agreements
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+causing unnecessary replication. This tool will update all replication
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+agreements for the current host and add memberOf to the exclusion list.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+When executed as root no password is required, otherwise it will prompt
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+for the Directory Manager password.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+This is executed when the package is updated in rpm so should not need
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+to be run by an end-user. It is not harmful to run multiple times.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+This needs to be run on all replicas to be truly effective.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.SH "OPTIONS"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.TP
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+\fB\-d\fR, \fB\-\-debug\fR
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+Enable debug logging when more verbose output is needed
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.TP
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+\fB\-t\fR, \fB\-\-test\fR
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+Run in test mode, no changes are applied
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.TP
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+\fB\-y\fR \fIfile\fR
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+File containing the Directory Manager password
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+.SH "EXIT STATUS"
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+0 if the command was successful or IPA is not configured
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+1 if an error occurred
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+2 If during test mode it determines that there are agreements that need updating
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
index 8c8502e..79c0fe7 100644
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
--- a/ipaserver/install/replication.py
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+++ b/ipaserver/install/replication.py
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
@@ -99,7 +99,7 @@ def enable_replication_version_checking(hostname, realm, dirman_passwd):
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
class ReplicationManager(object):
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
"""Manage replication agreements between DS servers, and sync
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
agreements with Windows servers"""
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- def __init__(self, realm, hostname, dirman_passwd, port=PORT, starttls=False):
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ def __init__(self, realm, hostname, dirman_passwd, port=PORT, starttls=False, conn=None):
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
self.hostname = hostname
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
self.port = port
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
self.dirman_passwd = dirman_passwd
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
@@ -108,18 +108,23 @@ class ReplicationManager(object):
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
tmp = util.realm_to_suffix(realm)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
self.suffix = str(DN(tmp)).lower()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- # If we are passed a password we'll use it as the DM password
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- # otherwise we'll do a GSSAPI bind.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- if starttls:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- self.conn = ipaldap.IPAdmin(hostname, port=port)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, CACERT)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- self.conn.start_tls_s()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- else:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- self.conn = ipaldap.IPAdmin(hostname, port=port, cacert=CACERT)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- if dirman_passwd:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- self.conn.do_simple_bind(bindpw=dirman_passwd)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ # The caller is allowed to pass in an existing IPAdmin connection.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ # Open a new one if not provided
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ if conn is None:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ # If we are passed a password we'll use it as the DM password
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ # otherwise we'll do a GSSAPI bind.
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ if starttls:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ self.conn = ipaldap.IPAdmin(hostname, port=port)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, CACERT)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ self.conn.start_tls_s()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ else:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ self.conn = ipaldap.IPAdmin(hostname, port=port, cacert=CACERT)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ if dirman_passwd:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ self.conn.do_simple_bind(bindpw=dirman_passwd)
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ else:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ self.conn.do_sasl_gssapi_bind()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
else:
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
- self.conn.do_sasl_gssapi_bind()
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
+ self.conn = conn
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
self.repl_man_passwd = dirman_passwd
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
--
|
|
![](https://seccdn.libravatar.org/avatar/ba1d495deb8026bcb98dda23c545db23a64d9212a325453dbb238c8b8c8091ab?s=16&d=retro) |
445dd16 |
1.7.6
|