Univention Bugzilla – Full Text Bug Listing |
Summary: | Configurable names for well known role accounts | ||
---|---|---|---|
Product: | UCS | Reporter: | Arvid Requate <requate> |
Component: | Listener (univention-directory-listener) | Assignee: | Arvid Requate <requate> |
Status: | CLOSED FIXED | QA Contact: | Stefan Gohmann <gohmann> |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann, jmm, requate |
Version: | UCS 3.2 | ||
Target Milestone: | UCS 3.2-0-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | 33889 | ||
Bug Blocks: | 34527 |
Description
Arvid Requate
2014-01-09 19:24:18 CET
The group-name-mapping.py listener has been extended and renamed to well-known-sid-name-mapping.py. Advisory: 2013-12-09-univention-pam.yaml This bug will be set to resolved/fixed after testing Bug 33644. The well-known-sid-name-mapping listener now calls run-parts on the directory /usr/lib/univention-pam/well-known-sid-name-mapping.d in the postrun function in case a UCR mapping was modified. This allows a slapd restart as well as other service specific operations if required. (In reply to Arvid Requate from comment #2) > The well-known-sid-name-mapping listener now calls run-parts on the directory > > /usr/lib/univention-pam/well-known-sid-name-mapping.d > > in the postrun function in case a UCR mapping was modified. This allows a > slapd restart as well as other service specific operations if required. That means we will restart the LDAP server every time we change one well known object. Wouldn't it be better to restart the LDAP server only if Administrator, Domain Admins or Windows Hosts were changed? > That means we will restart the LDAP server every time we change one well known > object. Wouldn't it be better to restart the LDAP server only if Administrator, > Domain Admins or Windows Hosts were changed? Since it's called in the postrun the restart will be called rarely when a batch of Well known SID objects are renamed in OpenLDAP. But you are right, it would be nicer, if the well-known-sid-name-mapping.d/* hooks could generally choose their reaction based on the specific changes. This would need an adjustment of Bug 33890 too. The listener module is adjusted accordingly. Advisory is updated. YAML: OK Tests: OK Code: OK |