Memberof allows to scope a specific part of the subtree (memberOfEntryScope)
There is no way to exclude subtrees that are under 'memberOfEntryScope' For example if we want to scope all entries under SUFFIX but 'cn=provisioning,SUFFIX'
It should introduce a new config attribute: memberOfExcludeSubtree The new attribut is multivalued, DN syntax
This enhancement is required for https://fedorahosted.org/freeipa/ticket/3813, where memberof plugin should scope SUFFIX except 'Stage' and 'Delete' entries (under cn=provisioning,SUFFIX)
attachment 0001-Ticket-47829-memberof-scope-allow-to-exclude-subtree.patch
attachment 0002-Ticket-47829-TC-memberof-scope-allow-to-exclude-subt.patch
The attached fix was tested:
attachment 0001-Ticket-47829-memberof-scope-allow-to-exclude-subtree.2.patch
Log line from test looks odd: {{{ except ldap.NO_SUCH_OBJECT: 253 topology.standalone.log.info(" ###!!@@##@ Failure to retrieve %s (47833)") }}}
Otherwise, ack
Thanks Rich for reviewing the fix and the test case.
You are right, the logged message was confusing. 47833 shows several symptoms: A modrdn succeeds but the operation reports a failure Then searching the target entry wit a base search fails, although the entry exists * doing a subtree search allows to do successful base search The confusing message was logged when hitting the second case. I changed the messages to be more precise.
'''git merge master_47829''' Updating 98cf424..47e5dcc Fast-forward dirsrvtests/tickets/ticket47829_test.py | 709 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ldap/servers/plugins/memberof/memberof.c | 23 ++- ldap/servers/plugins/memberof/memberof.h | 3 + ldap/servers/plugins/memberof/memberof_config.c | 44 ++++- 4 files changed, 772 insertions(+), 7 deletions(-) create mode 100644 dirsrvtests/tickets/ticket47829_test.py
'''git push origin master''' Counting objects: 22, done. Delta compression using up to 4 threads. Compressing objects: 100% (12/12), done. Writing objects: 100% (12/12), 6.67 KiB, done. Total 12 (delta 7), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 98cf424..47e5dcc master -> master
commit 47e5dcc Author: Thierry bordaz (tbordaz) tbordaz@redhat.com Date: Thu Jun 26 11:57:41 2014 +0200
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1118066
Could you please take a look at this comment? https://bugzilla.redhat.com/show_bug.cgi?id=1118066#c3 Thanks!
Related to 47833 & 48012.
Replying to [comment:9 nhosoi]:
This bug reported in this comment (aka https://fedorahosted.org/389/ticket/48012) has been fixed with the final patches of https://fedorahosted.org/389/ticket/47526
Closing this ticket
Metadata Update from @nhosoi: - Issue assigned to tbordaz - Issue set to the milestone: 1.3.4.0
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/1160
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.