[Pkg-freeipa-devel] [Git][freeipa-team/389-ds-base][master-next] 68 commits: Ticket 49665 - Upgrade script doesn't enable PBKDF2 password storage plug-in
Timo Aaltonen
gitlab at salsa.debian.org
Fri Jun 29 11:54:56 BST 2018
Timo Aaltonen pushed to branch master-next at FreeIPA packaging / 389-ds-base
Commits:
dc690dd2 by Mark Reynolds at 2018-05-09T16:36:48-04:00
Ticket 49665 - Upgrade script doesn't enable PBKDF2 password storage plug-in
Description: There is no upgrade script to add the PBKDF2 plugin, this
fix adds the script.
https://pagure.io/389-ds-base/issue/49665
Reviewed by: ?
- - - - -
91dc8324 by Mark Reynolds at 2018-05-10T08:00:17-04:00
Ticket 49665 - Upgrade script doesn't enable CRYPT password storage plug-in
Description: There is no upgrade script to add the new CRYPT plugins, this
fix adds the script.
https://pagure.io/389-ds-base/issue/49665
Reviewed by: vashirov(Thanks!)
- - - - -
3a70d8a4 by Mark Reynolds at 2018-05-10T09:56:29-04:00
Ticket 49519 - Convert Cockpit UI to use strictly patternfly stylesheets
Description: I had previously overwritten most of PF stylesheets. This
patch contains that conversion.
https://pagure.io/389-ds-base/issue/49519
- - - - -
5d700cc4 by Mark Reynolds at 2018-05-11T15:01:18-04:00
Ticket 49673 - nsslapd-cachememsize can't be set to a value bigger than MAX_INT
Bug Description: Regression from ticket https://pagure.io/389-ds-base/issue/49618
This ticket accidentally set a MAX_INT cap on the entry cachesize.
Fix Description: Set proper max value allowed for entry and dn caches (uint64)
https://pagure.io/389-ds-base/issue/49673
Reviewed by: mreynolds(one line commit rule)
- - - - -
afb755bd by Mark Reynolds at 2018-05-13T15:01:16-04:00
Ticket 49671 - Readonly replicas should not write internal ops to changelog
Bug Description: When a hub receives an update that triggers the memberOf
plugin, but that interal operation has no csn and that
causes the update to the changelog to fail and break
replication.
Fix Description: Do not write internal updates with no csns to the changelog
on read-only replicas.
https://pagure.io/389-ds-base/issue/49671
Reviewed by: simon, tbordaz, and lkrispen (Thanks!!!)
- - - - -
50732c9e by Simon Pichugin at 2018-05-14T09:33:23+02:00
Issue 49657 - Fix cascading replication scenario in lib389 API
Bug description: We should be able to create cascading replication topology
with existing lib389 API. Fix existing topology in topologies.py
and add the functionality to replica.py API accordingly.
Fix description: Add the code to join_hub function.
Get agreement name from the last three port numbers.
When we call _create_service_group on read-only instance
do not try to create it.
Generate the replica credentials when adding the service account
and store them in ReplicationManager object.
Fix a few small issues in replica.py.
In topologies.py, divide the instance and replica creation.
Refactor topology_m1h1c1 according to the changes.
During the finalizer, check if instance exists before the removal.
https://pagure.io/389-ds-base/issue/49657
Reviewed by: mreynolds (Thanks!)
- - - - -
6e1ee76e by Viktor Ashirov at 2018-05-14T13:20:45+02:00
Issue 49106 - Move ds_* scripts to libexec
Bug Description:
Binaries like
/usr/sbin/ds_selinux_enabled
/usr/sbin/ds_selinux_port_query
/usr/sbin/ds_systemd_ask_password_acl
are not user-runnable, they are executed by other programs (setup-ds.pl
for example). They should not reside in /usr/sbin, since it's used for
storing binaries for system administration. Instead they should be placed
in /usr/libexec/dirsrv/ which is designed to store binaries that are
executed by other programs.
Fix Description:
Change install path to libexec.
https://pagure.io/389-ds-base/issue/49106
Reviewed by: mhonek, wibrown (Thanks!)
- - - - -
3037674a by Viktor Ashirov at 2018-05-14T16:00:35+02:00
Issue 49685 - make clean fails if cargo is not installed
Bug Description:
`make clean` fails if cargo is not installed.
Fix Description:
Call `cargo clean` only when we enable Rust.
https://pagure.io/389-ds-base/issue/49685
Reviewed by: mreynolds (Thanks!)
- - - - -
68ecbff0 by Viktor Ashirov at 2018-05-14T16:07:44+02:00
Issue 49684 - AC_PROG_CC clobbers CFLAGS set by --enable-debug
Bug Description:
AC_PROG_CC macro sets CFLAGS/CXXFLAGS environment variable to ` -g -O2`
for GCC if CFLAGS/CXXFLAGS are not defined.
Fix Description:
Use an empty default for CFLAGS and CXXFLAGS instead.
https://pagure.io/389-ds-base/issue/49684
Reviewed by: mreynolds (Thanks!)
- - - - -
15ff2e3d by Mark Reynolds at 2018-05-15T09:21:34-04:00
Ticket 49669 - Invalid cachemem size can crash the server during a restore
Bug Description: If you manually set the dbcachememsize to something larger than
a uint64_t the server can crash from a NULL pointer being
dereferenced.
Fix Description: Catch the NULL pointer before it is dereferenced, and abort the
restore.
https://pagure.io/389-ds-base/issue/49669
Reviewed by: firstyear & tbordaz (Thanks!!)
- - - - -
0282ef26 by Ludwig Krispenz at 2018-05-17T11:38:01+02:00
Ticket 49696: replicated operations should be serialized
Bug: there was a scenario where two threads could process replication operations in parallel.
The reason was that for a new repl start request the repl conn flag is not set and the
connection is made readable.
When the start repl op is finished, the flagi set, but in a small window the supplier could
already have sent updates and more_data would trigger this thread also to continue to process
repl operations.
Fix: In the situation where a thread successfully processed a start repl request and just set the repl_conn
flag do not use more_data.
Reviewed by: Thierry, thanks
- - - - -
6157c6a8 by Thierry Bordaz at 2018-05-17T12:47:20+02:00
Ticket 49693 - A DB_DEADLOCK while adding a tombstone (RUV) leads to access of an already freed entry
Bug Description:
During a ADD, in order to manage DB_DEADLOCK, instead of using the entry provided in the pblock
(i.e. 'e') the code uses a couple addingentry/originalentry.
Only in the initial attempt addingentry refers to 'e', in the others it refers to a duplicate one.
On DB_DEADLOCK, the entry is freed immediately (as it was not in the cache)
if we hit a DB_DEADLOCK then 'e' is freed and the next attempt is with a duplicate of 'e'.
But if the added entry is a tombstone we log a message dumping 'e', unfortunately 'e' was already freed.
Fix Description:
Use addingentry->ep_entry instead of 'e'. Also as it is for logging, test if the logging
level is set before dumping the entry.
https://pagure.io/389-ds-base/issue/49693
Reviewed by: Ludwig Krispenz, Mark Reynolds (thanks !!)
Platforms tested: F26
Flag Day: no
Doc impact: no
- - - - -
70314dc2 by Mark Reynolds at 2018-05-17T06:58:28-04:00
Ticket 49665 - remove obsoleted upgrade scripts
Description: Remove the recently added upgrade scripts as they are
obsolete in 1.4.0.
https://pagure.io/389-ds-base/issue/49665
Reviewed by: ?
- - - - -
dc7f1083 by Simon Pichugin at 2018-05-17T14:55:35+02:00
Issue 49581 - Fix dynamic plugins test suite
Description: Refactor plugins module and fix tests accordingly.
Divide the tests into three functions: accaptance, memory corrruption
and stress. Add absent Task and Plugin objects.
Add docstrings for every fixed object.
Move plugin acceptance tests to a separate module in plugins suite
https://pagure.io/389-ds-base/issue/49581
Reviewed by: vashirov, mreynolds, wibrown (Thanks!)
- - - - -
4521fe33 by Mark Reynolds at 2018-05-18T09:58:29-04:00
Ticket 49698 - Remove unneeded patternfly files from Cockpit package
Description: Remove files from Pattern we do not use in order to help reduce its footprint
on the package
https://pagure.io/389-ds-base/issue/49698
Reviewed by: mreynolds(one line commit rule)
- - - - -
e562157c by Thierry Bordaz at 2018-05-18T18:16:56+02:00
Ticket 48184 - clean up and delete connections at shutdown (2nd try)
Bug description:
During shutdown we would not close connections.
In the past this may have just been an annoyance, but now with the way
nunc-stans works, io events can still trigger on open xeisting connectinos
during shutdown.
Because of NS dynamic it can happen that several jobs wants to work on the
same connection. In such case (a job is already set in c_job) we delay the
new job that will retry.
In addition:
- some call needed c_mutex
- test uninitialized nunc-stans in case of shutdown while startup is not completed
Fix Description: Close connections during shutdown rather than
leaving them alive.
https://pagure.io/389-ds-base/issue/48184
Reviewed by:
Original was Ludwig and Viktor
Second fix reviewed by Mark
Platforms tested: F26
Flag Day: no
Doc impact: no
- - - - -
53e58cdb by Mark Reynolds at 2018-05-18T12:31:04-04:00
Ticket 49576 - Update ds-replcheck for new conflict entries
Description: This patch addresses the recvent changes to conflict
entries and tombstones.
https://pagure.io/389-ds-base/issue/49576
Reviewed by: tbordaz(Thanks!)
- - - - -
262e6aaf by Akshay Adhikari at 2018-05-21T14:52:34+05:30
Issue 49588 - Add py3 support for tickets : part-1
Description: Added py3 support by explicitly changing strings to bytes.
Ported tests from ticket to test suites, also added docstrings.
https://pagure.io/389-ds-base/issue/49588
Reviewed by: spichugi,vashirov (Thanks!)
- - - - -
9ff284fc by Viktor Ashirov at 2018-05-21T13:05:21+02:00
Issue 49679 - Missing nunc-stans documentation and doxygen warnings
Add missing nunc-stans documentation from the old repo. This also should
fix doxygen warnings about missing files
https://pagure.io/389-ds-base/issue/49679
Reviewed by: mreynolds (Thanks!)
- - - - -
50b54494 by Mark Reynolds at 2018-05-21T13:47:09-04:00
Ticket 49689 - Move Cockpit UI plugin to a subpackage
Description: Move the new UI plugin to a subpackage of 389-ds-base.
Special thanks to Viktor Ashirov for helping on this one!
https://pagure.io/389-ds-base/issue/49689
Reviewed by: vashirov(Thanks!)
- - - - -
efc96f10 by Mark Reynolds at 2018-05-22T12:27:50-04:00
Ticket 49689 - Fix local "make install" after adding cockpit subpackage
Bug Description: When doing a local "make install" the cockpit UI files
are not copied to the "buildroot", which then leads to
rsync failing.
Fix Description: If the "source directory" is not the same as the current
directory, then its a local "make install" and not a
"make rpms". In that case just copy over the cockpit ui
directory to the local buildroot. This makes it easy to
test Cockpit UI changes using "make install".
https://pagure.io/389-ds-base/issue/49689
Reviewed by: mreynolds(one line commit rule)
- - - - -
c1e022d4 by Viktor Ashirov at 2018-05-23T16:01:15+02:00
Issue 49678 - organiSational vs organiZational spelling in lib389
Bug description:
RFC4519 defines 'organization' object class using Oxford spelling.
It is common for academic, formal, and technical writing for an
international readership. We should be following common spelling
in function names and methods, otherwise it is confusing
and annoying to remember which one is used where.
Fix description:
Use Oxford spelling for 'organization' and 'organizationalUnit'.
https://pagure.io/389-ds-base/issue/49678
Reviewed by: spichugi, mhonek (Thanks!)
- - - - -
8330887e by Viktor Ashirov at 2018-05-23T16:11:29+02:00
Issue 49684 - AC_PROG_CC clobbers CFLAGS set by --enable-debug
Bug description:
Default CFLAGS and CXXFLAGS might be unset without --enable-debug.
Fix description:
* Provide default CFLAGS and CXXFLAGS that would be set by AC_PROG_CC
otherwise.
* Split compiler flags and preprocessor flags into separate variables so
they are applied in a correct order.
https://pagure.io/389-ds-base/issue/49684
Reviewed by: mhonek (Thanks!)
- - - - -
164a9591 by Mark Reynolds at 2018-05-23T14:46:14-04:00
Ticket 49706 - Finish UI patternfly convertions
Description: A few modals were not converted to PF, and other minor issues
with JS and updating tables
https://pagure.io/389-ds-base/issue/49706
Reviewed by: ?
- - - - -
9e046a35 by Mark Reynolds at 2018-05-25T09:47:31-04:00
Ticket 49576 - Add support of ";deletedattribute" in ds-replcheck
Description: Also need to check for ";deletedattribute" when processing LDIF file
https://pagure.io/389-ds-base/issue/49576
Reviewed by: tbordaz(Thanks!)
- - - - -
7a8b5ace by Mark Reynolds at 2018-05-25T12:26:55-04:00
Ticket 49675 - Fix coverity issues
Description: Fixed these coverity issues. Some of these fixes are
just to quiet convscan:
16852 Unsigned compared - entrycache_add_int
16848 Unsigned compared - dncache_add_int
16704 Explicit null dereferenced s- lapd_SSL_client_auth
15953 Resource leak - new_task
15583 Out-of-bounds read - create_filter
15445 Unused value - ruv_update_ruv
15442 Argument cannot be negative - dse_write_file_nolock
15223 Double unlock - ruv_get_referrals
15170 Explicit null dereferenced - passwd_apply_mods
15581 Wrong sizeof argument - slapi_be_new
15144 Constant expression result - upgradedn_producer
Also fixed a few compiler warnings
https://pagure.io/389-ds-base/issue/49675
Reviewed by: spichugi & lkrispenz(Thanks!!)
- - - - -
1d9a80fb by Anuj Borah at 2018-05-28T12:18:31+05:30
Issue 49582 - Add py3 support to memberof_plugin test suite
Description: Fix memberof_plugin/regression_test.py by switching to ReplicationManager.
https://pagure.io/389-ds-base/issue/49582
Reviewed by: vashirov
- - - - -
e350a268 by Mark Reynolds at 2018-05-28T10:09:58-04:00
Ticket 49722 - Errors log full of " WARN - keys2idl - recieved NULL idl from index_read_ext_allids, treating as empty set" messages
Description: If searching on entrydn, and the value is not found return an empty
list instead of NULL. This prevent these harmless error messages in
log
https://pagure.io/389-ds-base/issue/49722
Reviewed by: ?
- - - - -
27a16a06 by Mark Reynolds at 2018-05-28T11:42:39-04:00
Ticket 49726 - DS only accepts RSA and Fortezza cipher families
Bug Description: Currently DS only accepts fortezza and RSA cipher families.
This prevents things like ECC certificates from being used.
Fix Description: Instead of hardcoding the cipher families, just grab the
current type and use it.
Also cleaned up code: removed unncessary "ifdefs", and switched
for loops to use size_t.
https://pagure.io/389-ds-base/issue/49726
Reviewed by: ?
- - - - -
6bfe74fc by Mark Reynolds at 2018-05-28T12:10:23-04:00
Ticket 49704 - Error log from the installer is concatenating all lines into one
Description: Created new bootpopup wrapper functions that use the "content" option
to add html messages. Then we use "pre" html tags for messages that
come from the CLI, and regular "p" tags for generic messages.
Also durign instance creation we now strip "slapd-" from instance
name because the installer automatically adds "slapd-" to the name
anyway.
https://pagure.io/389-ds-base/issue/49704
Reviewed by: firstyear(Thanks!)
- - - - -
593a73e6 by Mark Reynolds at 2018-05-29T16:08:22-04:00
Ticket 49683 - Add support for JSON option in lib389 CLI tools
Description: This is the initial patch for adding a json option to
the CLI tools. This patch also addresses issues with
using LDAPI with the CLI.
https://pagure.io/389-ds-base/issue/49683
Reviewed by: firstyear & spichugi (Thanks!!)
- - - - -
2e467029 by Matúš Honěk at 2018-05-30T13:52:16+02:00
Ticket 49333 - Do not remove versioned man pages
Bug Description: Until resolving ticket 49689 in 50b5449, running
`make clean' removed also man pages which were tracked in the
versioning system (notably man1 and man8).
Fix Description: Bring back only removal of man3 man pages as they are
autogenerated and thus should not be tracked.
https://pagure.io/389-ds-base/issue/49333
Author: mhonek
Review by: mreynolds (thanks!)
- - - - -
1b7198a0 by Mark Reynolds at 2018-05-30T13:13:59-04:00
Ticket 49675 - Revise coverity fix
Description: Fix issues with last coverity patch: missing unlock, and a
return code was needed.
Also fixed issue 17472 (memory leak in uid.c)
https://pagure.io/389-ds-base/issue/49675
Reviewed by: tbordaz & lkrispenz(Thanks!!)
- - - - -
085e99f7 by Thierry Bordaz at 2018-05-31T18:34:06+02:00
Ticket 48184 - clean up and delete connections at shutdown (3rd)
Bug description:
During shutdown we would not close connections.
In the past this may have just been an annoyance, but now with the way
nunc-stans works, io events can still trigger on open xeisting connectinos
during shutdown.
Fix Description:
Because of NS dynamic it can happen that several jobs wants to work on the
same connection. In such case (a job is already set in c_job) we delay the
new job that will retry.
In addition:
- some call needed c_mutex
- test uninitialized nunc-stans in case of shutdown while startup is not completed
If it is not possible to schedule immediately a job it is sometime useless to wait:
- if the connection is already freed, just cancel the scheduled job
and do not register a new one
- If we are in middle of a shutdown we do not know if the
scheduled job is ns_handle_closure, so cancel the scheduled
job and schedule ns_handle_closure.
https://pagure.io/389-ds-base/issue/48184
Reviewed by:
Original fix reviewed by Ludwig and Viktor
Second fix reviewed by Mark
Third fix reviewed by Mark
Platforms tested: F26
Flag Day: no
Doc impact: no
- - - - -
d09a57d4 by Mark Reynolds at 2018-05-31T15:28:25-04:00
Add Cockpit UI fonts
On F28 these fonts are requested by both Firefox and Chrome so I'm adding them back.
Reviewed by: mreynolds
- - - - -
b0e05806 by Thierry Bordaz at 2018-06-01T17:27:19+02:00
Ticket 49736 - Hardening of active connection list
Bug Description:
In case of a bug in the management of the connection refcnt
it can happen that there are several attempts to move a connection
out of the active list.
It triggers a crash because when derefencing c->c_prev.
c_prev is never NULL on the active list
Fix Description:
The fix tests if the connection is already out of the active list.
If such case, it just returns.
A potential issue that is not addressed by this fix is:
Thread A and Thread B are using 'c' but c->refcnt=1 (it should be 2)
Thread A "closes" 'c', 'c' is move out of active list (free) because of refcnt=0
A new connection happens selecting the free connection 'c', moving it to the active list.
Thread C is using 'c' from the new connection c->refcnt=1
Thread B "closes" 'c', 'c' is moved out of the active list.
-> new operation coming on 'c' will not be detected
-> Thread C will likely crash when sending result
https://pagure.io/389-ds-base/issue/49736
Reviewed by: Mark Reynolds (thanks!)
Platforms tested: F26
Flag Day: no
Doc impact: no
- - - - -
d5e1164a by Mark Reynolds at 2018-06-04T09:44:30-04:00
Ticket 48377 - Bundle jemalloc
Descriptrion: gperftools is going away in RHEL, that includes tcmalloc, so
we now need to bundle jemalloc again.
https://pagure.io/389-ds-base/issue/48377
Reviewed by: vashirov(Thanks!)
- - - - -
67efef07 by Mark Reynolds at 2018-06-05T08:13:48-04:00
Ticket 49732 - Optimize resource limit checking for rootdn issued searches
Description: When performing a search as the Directory Manager resource limits
should not apply. So there is no need to "get" the limits if its
a Directory Manager initiated search. I'm seeing around 2% performance
increase when we skip getting the resource limits.
https://pagure.io/389-ds-base/issue/49732
Reviewed by: tbordaz (Thanks!)
Signed-off-by: Mark Reynolds <mreynolds at redhat.com>
- - - - -
d870eb0d by Mark Reynolds at 2018-06-05T11:44:35-04:00
Ticket 49748 - Passthru plugin startTLS option not working
Description: While you can configure a connection to use StartTLS the
plugin code did not attempt to use StartTLS.
https://pagure.io/389-ds-base/issue/49748
Reviewed by: tbordaz & lkrispenz(Thanks!!)
- - - - -
809be53d by Simon Pichugin at 2018-06-06T15:07:05+02:00
Issue 49646 - Improve TLS cert processing in lib389 CLI
Description: Add a new option to setup.inf file - self_sign_cert_valid_months
which accepts int value. dscreate should renew Self-signed CA if
it is expired or it will expire less than in 2 months.
Also, we need to import it to other existing instances.
Remove the NSS DB in the test topology during a teardown.
Fix small issues in nss_tls_test.
Add format_cmd_list function to utils.py. It returns a nicely formatted
quoted representation of the command list we put into subprocess call.
Add more logging to nss_tls.py. Change the default validity period to 24 months.
https://pagure.io/389-ds-base/issue/49646
Reviewed by: mreynolds, tbordaz, mhonek (Thanks!)
- - - - -
791e5aab by Simon Pichugin at 2018-06-06T22:50:04+02:00
Issue 49381 - Add docstrings to plugin test suites - Part 1
Description: Add and refactor the test case docstrings.
They should follow one exact format for communicating
with internal tool. Also it should be readable enough
to provide the main idea about the test case.
https://pagure.io/389-ds-base/issue/49381
Reviewed by: vashirov (Thanks!)
- - - - -
7c9ccb80 by Mark Reynolds at 2018-06-07T08:28:30-04:00
Ticket 47902 - UI - add continuous refresh log feature
Description: Added checkbox to turn on server log continuous refresh
https://pagure.io/389-ds-base/issue/49702
Reviewed by: spichugi(Thanks!)
- - - - -
9d8887ad by Mark Reynolds at 2018-06-07T09:34:41-04:00
Ticket 49754 - instances created with dscreate can not be upgraded with setup-ds.pl
Bug Description: If you create an instance with dscreate and try to
upgrade that instance using setup-ds.pl it will fail.
While you should not mix and match the python and perl
tools, it is still possible and it should work.
Fix Description: The first problem was that the instance dir (inst_dir)
was not set during dscreate, and second we were also not
setting the correct inst_dir in defaults.inf.
Also dscreate does not create a backend by default,
which caused 80upgradednformat.pl to fail on an upgrade.
Finally updated UI's instance creation template to use
the correct inst_dir.
https://pagure.io/389-ds-base/issue/49754
Reviewed by: vashirov(Thanks!)
- - - - -
88950b0d by Simon Pichugin at 2018-06-07T15:37:35+02:00
Issue 49761 - Fix test suite issues
Description: A lot of tests are failing because of the API changes.
We need to fix them ASAP.
Fix description: Add __init__.py to import and mapping_tree test suite
so it will create its own __pycache__.
Use the new Agriments object for reinit.
Run range_search memory leak test only when ASAN is enabled and
remove valgrind support because ASAN is enough.
Generate ou=People and ou=Groups in the dbgen.py module, it is
required by some tests.
In the replica.py module, use existing credentials when we join master to
the existing first_master and when we failed to get it from the ReplicationManager.
https://pagure.io/389-ds-base/issue/49761
Reviewed by: mreynolds (Thanks!)
- - - - -
dec51953 by Mark Reynolds at 2018-06-07T10:24:43-04:00
Ticket 49745 - UI add filter options for error log severity levels
Description: Add a filtering option for error logging that allows
for filtering log content by severity levels. This includes
a generic option for all "errors" and all "info messages"
https://pagure.io/389-ds-base/issue/49745
Reviewed by: spichugi(Thanks!)
- - - - -
cfb7dc2b by Thierry Bordaz at 2018-06-07T18:21:02+02:00
Ticket 49765 - Async operations can hang when the server is running nunc-stans
Bug Description:
The fix https://pagure.io/389-ds-base/issue/48184 allowed to schedule
several NS handlers where each handler waits for the dispatch of the
previous handler before being schedule.
In case the current handler is never called (connection inactivity)
those that are waiting can wait indefinitely (until timeout or connection
closure). But those that are waiting delay the processing of the operation
when the scheduling is called by connection_threadmain.
The some operations can appear hanging.
This scenario happens with async operations
Fix Description:
Instead of waiting for the completion of the scheduled handler,
evaluates if the scheduled handler needs to be cleared (ns_job_done)
or the waiting handler to be canceled.
https://pagure.io/389-ds-base/issue/49765
Reviewed by: Mark Reynolds (thanks Mark !)
Platforms tested: F26
Flag Day: no
Doc impact: no
- - - - -
68cf69c8 by Mark Reynolds at 2018-06-08T08:10:53-04:00
Ticket 49689 - Cockpit subpackage does not build in PREFIX installations
Description: For prefix isntallations we need to make sure the destination
location directory tree is created: mkdir -p
https://pagure.io/389-ds-base/issue/49689
Reviewed by: mreynolds(one line commit rule)
- - - - -
2a82ad2d by Thierry Bordaz at 2018-06-08T14:35:32+02:00
Ticket 49765 - compiler warning
- - - - -
8f04487f by Thierry Bordaz at 2018-06-08T15:13:51+02:00
Ticket 49768 - Under network intensive load persistent search can erronously decrease connection refcnt
Bug Description:
If a connection enters in turbo mode (because of high traffic) or
a worker reads several requests in the read buffer (more_data), the thread
keeps processing connection.
In that condition it should not decrease the refcnt.
In case the operation is a persistent search, it decreases systematically
the refcnt.
So refcnt can become lower than the actual number of threads active on the connection.
Most of the time it can create messages like
Attempt to release connection that is not acquired
In some rare case, if the a connection is out of the active list but a remaining thread
tries to remove it again it can lead to a crash
Fix Description:
The fix consist, when processing a PS, to decrease the refcnt at the condition
the connection is not in turbo mode or in more_data.
https://pagure.io/389-ds-base/issue/49768
Reviewed by: Mark Reynolds
Platforms tested: F26
Flag Day: no
Doc impact: no
- - - - -
05587eda by Thierry Bordaz at 2018-06-08T17:56:03+02:00
Ticket 49742 - Fine grained password policy can impact search performance
Bug Description:
new_passwdPolicy is called with an entry DN.
In case of fine grain password policy we need to retrieve
the possible password policy (pwdpolicysubentry) that applies to
that entry.
It triggers an internal search to retrieve the entry.
In case of a search operation (add_shadow_ext_password_attrs), the
entry is already in the pblock. So it is useless to do an additional
internal search for it.
Fix Description:
in case of fine grain password policy and a SRCH operation,
if the entry DN matches the entry stored in the pblock (SLAPI_SEARCH_RESULT_ENTRY)
then use that entry instead of doing an internal search
https://pagure.io/389-ds-base/issue/49742
Reviewed by: Mark Reynolds
Platforms tested: F26
Flag Day: no
Doc impact: no
- - - - -
e33c5013 by Mark Reynolds at 2018-06-08T12:24:14-04:00
Cockpit UI Fixes
This patch addresses these tickets:
https://pagure.io/389-ds-base/issue/49741
- Fixed repl agreement edit form
https://pagure.io/389-ds-base/issue/49740
- Set color-blind friendly colors. Also used Thumbs up/down
icons for repl state
https://pagure.io/389-ds-base/issue/49703
- Set default values in create instance form (also checks if
default ports are available
Reviewed by: vashirov(Thanks!)
- - - - -
9186bcec by Mark Reynolds at 2018-06-08T12:29:42-04:00
Ticket 49571 - perl subpackage and python installer by default
Bug Description: With 1.4.0 fast coming, we need to split
the legacy perl out to a subpackage, and coerce our tests to
python installer by default.
Fix Description: Add a legacy tools subpackage
https://pagure.io/389-ds-base/issue/49571
Author: wibrown & vashirov(Thanks!!)
- - - - -
2dad1cd8 by Simon Pichugin at 2018-06-08T21:04:28+02:00
Issue 49640 - Errors about PBKDF2 password storage plugin at server startup
Bug description: Schema check errors are logged in the error log at start up.
It happens because of the missing attributes that are required by
nsslapdPlugin objectclass. Also we add the Password Storage Schemes
two times: in config.c and in fedse.c.
Fix description: Remove PBKDF2_SHA256 from slapd_bootstrap_config
because setup_internal_backends will happen shortly after (during main.c).
Another part of the fix - add nsslapd-pluginId, nsslapd-pluginVersion,
nsslapd-pluginVendor, and nsslapd-pluginDescription attributes to
fedse.c. The values don't matter because it will be rewritten shortly
after from pwd_storage_scheme_init functions (still during the startup).
https://pagure.io/389-ds-base/issue/49640
Reviewed by: mreynolds (Thanks!)
- - - - -
6175d376 by Mark Reynolds at 2018-06-08T15:21:21-04:00
Bump version to 1.4.0.10
- - - - -
db80854c by Mark Reynolds at 2018-06-08T19:05:45-04:00
Revert "Bump version to 1.4.0.10"
This reverts commit 6175d376258d2e5e819b82e88464127ccd9bcdfd.
- - - - -
afd83086 by Mark Reynolds at 2018-06-08T19:16:29-04:00
Ticket 46918 - Fix compiler warnings on arm
Description: There were still a few lingering compiler errors
https://pagure.io/389-ds-base/issue/46918
Reviewed by: mreynolds(one line commit rule)
- - - - -
24c5c00f by Mark Reynolds at 2018-06-08T19:18:43-04:00
Bump version to 1.4.0.10
- - - - -
8807440b by Mark Reynolds at 2018-06-11T11:52:57-04:00
Ticket 49576 - ds-replcheck: fix certificate directory verification
Description: The tool would crash if you attempted to use a certificate
directory for conntacting replicas.
https://pagure.io/389-ds-base/issue/49576
Reviewed by: ?
- - - - -
0d7259fa by Mark Reynolds at 2018-06-11T13:01:01-04:00
Ticket 48204 - remove python2 from scripts
Description: Change the @pythonexec@ macro to use python3
https://pagure.io/389-ds-base/issue/48204
Reviewed by: ?
- - - - -
f9d19b0b by Mark Reynolds at 2018-06-11T16:05:31-04:00
Remove old RHEL/fedora version checking from upstream specfile
- - - - -
60339ce8 by Akshay Adhikari at 2018-06-13T16:25:35+05:30
Issue 49588 - Add py3 support for tickets : part-2
Description: Added py3 support by explicitly changing strings to bytes.
Ported tests from ticket to test suites, also added docstrings.
https://pagure.io/389-ds-base/issue/49588
Reviewed by: spichugi (Thanks!)
- - - - -
5226bf99 by Mark Reynolds at 2018-06-13T20:08:17-04:00
Ticket 49712 - lib389 CLI tools should return a result code on failures
Description: I've also included the work for 49775 in this patch since
there was a lot of overldap.
For dsctl functions we need to check for True and False in
order to detect an error. For dsconf & dsidm we need to
catch exceptions. Once an error is detected we return error
code (1).
The changes for 49775 was to use the default archive directory
if one was not specified to db2bak, and use the default ldif
location for db2ldif. This how the old tools worked, no
reason not to carry over this convenience. Also the format
used for the file name (Instance name + Date/Time) is the same
as the old cli tools.
Also did some pep8 cleanup.
https://pagure.io/389-ds-base/issue/49712
Reviewed by: spichugi(Thanks!)
- - - - -
5fe4e21a by Mark Reynolds at 2018-06-14T12:06:38-04:00
Ticket 49777 - add config subcommand to dsconf
Description: Added a "config" subcomand to dsconf for getting and
setting cn=config attributes. Also fixed JSON issues.
https://pagure.io/389-ds-base/issue/49777
Reviewed by: spichugi(Thanks!)
- - - - -
2707e398 by Dj Padzensky at 2018-06-14T12:25:55-07:00
Fixing 4-byte UTF-8 character validation
- - - - -
a518313e by Dj Padzensky at 2018-06-17T10:53:42-07:00
Test for issue #49788
- - - - -
d590a1cd by Mark Reynolds at 2018-06-19T12:39:27-04:00
Bump version to 1.4.0.11
- - - - -
6dee0c1d by Timo Aaltonen at 2018-06-29T09:33:58+03:00
Merge tag '389-ds-base-1.4.0.11' into master-next
- - - - -
2cab7ba3 by Timo Aaltonen at 2018-06-29T13:54:36+03:00
ftbs_lsoftotkn3.diff: Dropped, obsolete.
- - - - -
12 changed files:
- Makefile.am
- VERSION.sh
- configure.ac
- debian/changelog
- − debian/patches/ftbs_lsoftotkn3.diff
- debian/patches/series
- dirsrvtests/tests/stress/cos/cos_scale_template_test.py
- dirsrvtests/tests/suites/acl/acl_test.py
- dirsrvtests/tests/tickets/ticket47553_test.py → dirsrvtests/tests/suites/acl/enhanced_aci_modrnd_test.py
- dirsrvtests/tests/tickets/ticket1347760_test.py → dirsrvtests/tests/suites/acl/repeated_ldap_add_test.py
- dirsrvtests/tests/tickets/ticket47653_test.py → dirsrvtests/tests/suites/acl/selfdn_permissions_test.py
- dirsrvtests/tests/suites/dynamic_plugins/dynamic_plugins_test.py
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/freeipa-team/389-ds-base/compare/394155969b5a580c3573c37246c7b1d6356f7bc3...2cab7ba31de9116b1dd12a865715fcc93ab0db8a
--
View it on GitLab: https://salsa.debian.org/freeipa-team/389-ds-base/compare/394155969b5a580c3573c37246c7b1d6356f7bc3...2cab7ba31de9116b1dd12a865715fcc93ab0db8a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20180629/286f7fdc/attachment-0001.html>
More information about the Pkg-freeipa-devel
mailing list