Univention Bugzilla – Bug 47581
Fix schema issue caused by default master packages of OX app
Last modified: 2018-08-21 12:48:16 CEST
The OX schema fix of Bug 46736 cannot be installed via the App Center on UCS domains whose UCS master already updated to UCS 4.3. The app's DefaultMasterPackages of UCS 4.2 are not available on UCS 4.3 master and therefore will create schema problems later on.
univention-server-master and univention-server-backup now contain a script reregister_ox_ldap_schema.sh that 1) updates and disables the static schema template for slapd.conf 2) reregisters the OX LDAP schema in LDAP. The script ships the same version of /etc/univention/templates/files/etc/ldap/slapd.conf.d/29univention-open-xchange_schema that is also shipped via univention-ox-directory-integration of 7.8.4-ucs11. So just in case the package is update on DC master/backup, dpkg will not complain about a manually modified UCR template (if the pkg not updated, of course dpkg will complain :-). On DC backup, the UCR variable ox/master/42/registered_ldap_acls is set to "yes", to disable the static inclusion just in case somewhere in the future backup2master is called. On DC master, the same code as in univention-ox-directory-integration's reregister_ldap_shema.sh is called. reregister_ox_ldap_schema.sh is always called in postinst, but the script will first check if univention-ox-directory-integration is installed. If this is the case, the actions mentions above will be performed. If univention-ox-directory-integration is not installed, nothing happens. Package: univention-server Version: 13.0.0-4A~4.3.0.201808141212 Branch: ucs_4.3-0 Scope: errata4.3-1 univention-server (13.0.0-4) f6f145ef29e2 | Bug #47581: fix OX schema issue caused by default master packages univention-server.yaml 5bb48fe2c9b6 | Bug #47581: update advisory c9385b21a1bd | Bug #47581: add advisory
During package update LANG=C dpkg-query -W -f '${Status}' univention-ox-directory-integration does not return "install ok installed" in any case but "install ok unpacked" or "install ok half-configured" so the schema fix was not performed → fixed Package: univention-server Version: 13.0.0-5A~4.3.0.201808151332 Branch: ucs_4.3-0 Scope: errata4.3-1
317ebbb1eb Bug #47581: update advisory 11d35de80f Bug #47581: improved check when to trigger OX schema issue cleanup Package: univention-server Version: 13.0.0-6A~4.3.0.201808151601 Branch: ucs_4.3-0 Scope: errata4.3-1
OK: both DC master and DC backup ran the correct code. DC master (m120): 4.3-1 errata112 DC backup (b124): 4.3-1 errata112 DC slave (s121): 4.2-4 errata418 oxseforucs=7.8.4-ucs10 # on DC master: root@m120:~# egrep 'ox.*schema' /etc/ldap/slapd.conf include /usr/share/univention-ldap/schema/oxforucs-extra.schema include /usr/share/univention-ldap/schema/oxforucs.schema root@m120:~# udm settings/ldapschema list --filter 'cn=oxforucs*' | grep -v data: DN: cn=oxforucs-extra,cn=ldapschema,cn=univention,dc=uni,dc=dtr active: TRUE appidentifier: oxseforucs_7.8.4-ucs2 filename: oxforucs-extra.schema name: oxforucs-extra package: univention-ox packageversion: 9.0.7-11A~4.2.0.201801031550 DN: cn=oxforucs,cn=ldapschema,cn=univention,dc=uni,dc=dtr active: TRUE appidentifier: oxseforucs_7.8.4-ucs2 filename: oxforucs.schema name: oxforucs package: univention-ox packageversion: 9.0.7-11A~4.2.0.201801031550 # on all three DC: root@____:~# ucr get ox/master/42/registered_ldap_acls <unset> # on all three DC: root@____:~# dpkg -l 'univention-server-*' DC master (m120): 13.0.0-3A~4.3.0.2 DC backup (b124): 13.0.0-3A~4.3.0.2 DC slave (s121): 12.0.0-13A~4.2.0. # on DC backup and DC master: SRCFILE=/etc/apt/sources.list.d/30_test.list for i in ucs_4.3-0 ucs_4.3-0-ucs4.3-1; do echo -e "deb [trusted=yes] http://192.168.0.10/build2/ $i/all/\ndeb [trusted=yes] http://192.168.0.10/build2/ $i/\$(ARCH)/" >> $SRCFILE done root@____:~# univention-upgrade # on DC master: root@m120:~# dpkg -l 'univention-server-*' ii univention-server-master 13.0.0-6A~4.3.0.2 root@m120:~# ucr get ox/master/42/registered_ldap_acls yes root@m120:~# egrep 'ox.*schema' /etc/ldap/slapd.conf include /var/lib/univention-ldap/local-schema/oxforucs-extra.schema include /var/lib/univention-ldap/local-schema/oxforucs.schema # on DC backup: root@b124:~# dpkg -l 'univention-server-*' ii univention-server-backup 13.0.0-6A~4.3.0.2 root@b124:~# ucr get ox/master/42/registered_ldap_acls yes
<http://errata.software-univention.de/ucs/4.3/203.html>