Univention Bugzilla – Bug 39866
univentionAppID not indexed
Last modified: 2019-03-13 21:40:15 CET
Nov 10 02:16:15 unassigned-hostname slapd[22311]: <= mdb_equality_candidates: (univentionAppID) not indexed
r66607 | Bug #39866 ldap: Copyright 2016 r66606 | Bug #39866 ldap: Add univentionAppID to equality search index Package: univention-ldap Version: 12.1.6-6.791.201601061553 Branch: ucs_4.1-0 Scope: errata4.1-0 r66608 | Bug #39866 ldap: Add univentionAppID to equality search index YAML univention-ldap.yaml
[....] Starting ldap server(s): slapd .../etc/ldap/slapd.conf: line 114: index attribute "univentionAppID" undefined Looks like the app center join script is about to be called *after* registration the new index attribute. This blocks the UCS@school jenkins tests.
r66667 | Bug #39866 LDAP: Remove update code Remove pre-UCS-4.0 update code from postinst r66668 | Bug #39866 DLAP: Delay adding univentionAppID to equality search index The attribute is *not* added; see that commit message for why r66681 | Bug #39866 ldap: Fix debug output Now univention-appcenter does it in its join script r66683 | Bug #39866 app: Copyright 2016 r66682 | Bug #39866 app: Add univentionAppID to equality search index Package: univention-ldap Version: 12.1.6-9.796.201601081702 Branch: ucs_4.1-0 Scope: errata4.1-0 Package: univention-appcenter Version: 5.0.19-39.96.201601081703 Branch: ucs_4.1-0 Scope: errata4.1-0 r66669 | Bug #39866 DLAP: Delay adding univentionAppID to equality search index YAML univention-ldap.yaml r66684 | Bug #39866 app: Add univentionAppID to equality search index YAML univention-appcenter.yaml
(In reply to Philipp Hahn from comment #3) > r66682 | Bug #39866 app: Add univentionAppID to equality search index I've seen in the commit that you have increased the version of the join script. That means every admin has to execute the join script on every server. I think it is possible to do the upgrade scenario in the postinst.
r66713 | Bug #39866 ldap: Force ldap/index/* to defaults during join r66712 | Bug #38051 LDAP: Initialize LDAP only on master r66711 | Bug #39866 app: Improve adding univentionAppID to equality search index Package: univention-appcenter Version: 5.0.19-40.97.201601111619 Branch: ucs_4.1-0 Scope: errata4.1-0 Package: univention-ldap Version: 12.1.6-11.801.201601111622 Branch: ucs_4.1-0 Scope: errata4.1-0 r66714 | Bug #39866 ldap: Force ldap/index/* to defaults during join YAML univention-ldap.yaml univention-appcenter.yaml
(In reply to Stefan Gohmann from comment #4) > (In reply to Philipp Hahn from comment #3) > > r66682 | Bug #39866 app: Add univentionAppID to equality search index > > I've seen in the commit that you have increased the version of the join > script. That means every admin has to execute the join script on every > server. I think it is possible to do the upgrade scenario in the postinst. Yes, it can be done, but: - the attribute must be added to the index only *after* it has been registered - otherwise slapd refuses to start. This would be catastrophic on the Master, as dynamically registering the App.schema would not be possible any more. - same is true for the ordering of registering and indexing on backup and slave: only when the schema is registered and replicated to those systems by the Listener does the slapd start again. - as the master and any backup have the ldap.secret, they will run the join script automatically anyway. - on a joined slave the join script needs re-running to add the attribute to the index. - on an unjoined slave the attribute must not be added until the schema is replicated - otherwise slapd will not start. This is only possible *after* the system has been joined - because of that the code to add the attribute to the slapd index *must* remain in the join script. I added the code to both the postinst and join script. Also had to fix Bug #38051 to fix re-joining a slave.
univention-appcenter: * univention-appcenter.postinst The "ldap_setup_index --add-eq univentionAppID" part is done during every update (no dpkg --compare-versions "$2" lt-nl check), is this correct? * 30univention-appcenter.inst: if [ -x /etc/init.d/slapd ] && [ -x /usr/share/univention-ldap/ldap_setup_index ] && [ -e /var/univention-join/joined ] && ! ucr get ldap/index/eq | tr , '\n' | grep -Fxq univentionAppID univention-ldapsearch -LLL -o ldif-wrap=no -b cn=Subschema -s base att... No && or | before the last line, i guess the "! ucr get ldap/index/eq " test is ignored here, or? These are some pretty heavy changes here, what do i have to test? So far, i have checked: univentionAppID is updated on the UCS Master updated unjoined slave, univentionAppID index is set during join
(In reply to Felix Botner from comment #7) > univention-appcenter: > > * univention-appcenter.postinst > > The "ldap_setup_index --add-eq univentionAppID" part is done during every > update (no dpkg --compare-versions "$2" lt-nl check), is this correct? Added test to run only once on upgrade ($2='5.0') or on 1st install ($2=''). > * 30univention-appcenter.inst: > > if [ -x /etc/init.d/slapd ] && > [ -x /usr/share/univention-ldap/ldap_setup_index ] && > [ -e /var/univention-join/joined ] && > ! ucr get ldap/index/eq | tr , '\n' | grep -Fxq univentionAppID > univention-ldapsearch -LLL -o ldif-wrap=no -b cn=Subschema -s base > att... > > No && or | before the last line, i guess the "! ucr get ldap/index/eq " > test is ignored here, or? Thanks, fixed. > These are some pretty heavy changes here, what do i have to test? > So far, i have checked: > > univentionAppID is updated on the UCS Master > updated unjoined slave, univentionAppID index is set during join AFAIK "1st join, then update" is missing. r66951 | Bug #39866 app: Only add univentionAppID to index on install/1st update Package: univention-appcenter Version: 5.0.19-45.102.201601260812 Branch: ucs_4.1-0 Scope: errata4.1-0 r66952 | Bug #39866 app: Only add univentionAppID to index on install/1st update YAML univention-appcenter.yaml
OK - ldap index (the same as before plus "printerModel sub" and univentionAppID eq") OK - ldap_setup_index --add-eq univentionAppID OK - ldap_setup_index --rm-eq univentionAppID OK - ldap_setup_index --force-defaults OK - update on joined master OK - update on joined slave OK - update on unjoined slave, univentionAppID index is set during join OK - univentionAppID eq index is set during this update or during join if univention-appcenter OK - YAML
<http://errata.software-univention.de/ucs/4.1/79.html> <http://errata.software-univention.de/ucs/4.1/84.html>