Univention Bugzilla – Bug 50607
Fetchmail: Backup2master problem with package that deploy LDAP Schema locally
Last modified: 2019-12-16 13:03:32 CET
+++ This bug was initially created as a clone of Bug #49463 +++ Steps to reproduce: Installing an app which provides a schema extension. Editing some LDAP objects to use this app which will add attributes to the LDAP object. De-installation of app as no longer needed. LDAP Schema extension is still available in LDAP by purpose (otherwise the object attributes would be invalid). Setting up a backup server, installing same packages and same versions of current installed master. This backup will replicate the schema extensions but will not have the local schema files installed (as the app is not installed any longer). Now doing backup2master and you will get couple of rejects or similar failures due to unknown attributes on the objects. Trying to filter them out through https://help.univention.com/t/problem-after-a-ldap-schema-was-removed-there-are-still-some-references-in-your-ldap/11810 will frequently bring other issues... We should make sure a backup2master will have the same LDAP schemas on the new master.
Fixed in univention-fetchmail 12.0.4-3A~4.4.0.201912061515 univention-fetchmail now uses ucs_registerLDAPExtension in its joinscript instead of ucs_registerLDAPSchema in its postinst. It also registers the ACL file 58univention-fetchmail_acl-settings. But it was renamed to 58univention-fetchmail-schema.acl. /etc/ldap/slapd.conf looks the same before and after the update. (disregarding the UCR template name) For updates, /etc/univention/templates/info/univention-fetchmail-schema.info /etc/univention/templates/files/etc/ldap/slapd.conf.d/58univention-fetchmail_acl-settings are removed. That is the reason for the rename: If the ACL file was registered by UDM *before* the package was updated on DC Master, the update would remove the ACL file. Now, the ACL file may be registered twice in this case. But this is fine, in this case, the rules are just doubled. It does no harm.
I fixed a small typo in the yaml. (In reply to Dirk Wiesenthal from comment #1) > Fixed in > univention-fetchmail 12.0.4-3A~4.4.0.201912061515 actually univention-fetchmail 12.0.4-7A~4.4.0.201912061609 > univention-fetchmail now uses ucs_registerLDAPExtension in its joinscript > instead of ucs_registerLDAPSchema in its postinst. > > It also registers the ACL file 58univention-fetchmail_acl-settings. But it > was renamed to 58univention-fetchmail-schema.acl. > > /etc/ldap/slapd.conf looks the same before and after the update. > (disregarding the UCR template name) Diff looks good > For updates, > /etc/univention/templates/info/univention-fetchmail-schema.info > /etc/univention/templates/files/etc/ldap/slapd.conf.d/58univention- > fetchmail_acl-settings > are removed. OK > That is the reason for the rename: If the ACL file was registered by UDM > *before* the package was updated on DC Master, the update would remove the > ACL file. > > Now, the ACL file may be registered twice in this case. But this is fine, in > this case, the rules are just doubled. It does no harm. Looks good. -> Verified
<http://errata.software-univention.de/ucs/4.4/394.html>