Bug 31801 - Sync schema directory
Sync schema directory
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 3.1
Other Linux
: P5 enhancement (vote)
: UCS 3.2
Assigned To: Arvid Requate
Stefan Gohmann
: interim-3
Depends on: 32391 32412
Blocks:
  Show dependency treegraph
 
Reported: 2013-06-25 06:43 CEST by Stefan Gohmann
Modified: 2013-11-19 06:41 CET (History)
1 user (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Gohmann univentionstaff 2013-06-25 06:43:50 CEST
We should synchronize the local schema directory to all backups:
 /var/lib/univention-ldap/local-schema
Comment 1 Arvid Requate univentionstaff 2013-08-27 20:41:34 CEST
A listener module should be implemented for this purpose,

* running on Master an Backup
* filtering for a specific objectClass representing UCS LDAP schema extensions
* writing the value of an LDAP attribute "univentionLDAPSchema"
* to a file specified by another LDAP attribute "univentionLDAPSchemaFilename"
* below the directory /var/lib/univention-ldap/local-schema.
* and commits the slapd.conf UCR template.


These UCS LDAP schema extension objects are created by metapackage joinscripts using a univention-lib function.

Additional tasks for the listener specific for the master:

* send a reload signal to the slapd (Bug #31801)
* signal schema availability (to the univention-lib function)
  by writing the attribute "univentionLDAPSchemaActive" to the LDAP object.
Comment 2 Arvid Requate univentionstaff 2013-09-02 20:53:57 CEST
The module has been implemented under the name settings_ldapschema.py
The schema data is expected to be gzip-compressed and base64 encoded.

The listener uses the "slapschema" tool to ensure schema validity during addition/removal of a schema extension. In case a univentionLDAPExtensionSchema object has been removed, but slapschema indicates that the extension is still required, the listener leaves the schema exentsion file in the local-schema directory and adds an informative comment line to it, indicating the fact of removal with a timestamp.

Changelog adjusted.
Comment 3 Arvid Requate univentionstaff 2013-09-16 17:57:30 CEST
The listener module has now been renamed to "ldap_extension" and merged with the listener of Bug #32393.

Compression was changed to bzip2 due to limitations of the python zlib module.
Comment 4 Stefan Gohmann univentionstaff 2013-09-23 09:56:46 CEST
(In reply to Arvid Requate from comment #2)
> The listener uses the "slapschema" tool to ensure schema validity during
> addition/removal of a schema extension. In case a
> univentionLDAPExtensionSchema object has been removed, but slapschema
> indicates that the extension is still required, the listener leaves the
> schema exentsion file in the local-schema directory and adds an informative
> comment line to it, indicating the fact of removal with a timestamp.

OK, I've added a simple test case for this:  
  10_ldap/72schema_reregistration_object_class

The schema update fails, see
  10_ldap/74schema_update

lg42x7ja7n (1.1) wird eingerichtet ...
Object exists: cn=ldapschema,cn=univention,dc=deadlock19,dc=local
E: Invalid Syntax: packageversion: Version must not be lower than the current one.
Comment 5 Stefan Gohmann univentionstaff 2013-09-23 14:01:31 CEST
Wait until Arvid is back.
Comment 6 Arvid Requate univentionstaff 2013-10-08 15:24:56 CEST
Ok, I fixed the debian/apt version comparison code.
Comment 7 Stefan Gohmann univentionstaff 2013-10-25 16:24:24 CEST
See 10_ldap/70schema_registration_basis the schema file is not created on a dc backup. This is required for backup2master.
Comment 8 Arvid Requate univentionstaff 2013-10-28 17:19:57 CET
Fixed.
Comment 9 Stefan Gohmann univentionstaff 2013-10-29 13:41:26 CET
OK, the file is now available on the backup as well.
Comment 10 Stefan Gohmann univentionstaff 2013-11-19 06:41:15 CET
UCS 3.2 has been released:
 http://docs.univention.de/release-notes-3.2-en.html
 http://docs.univention.de/release-notes-3.2-de.html

If this error occurs again, please use "Clone This Bug".