freeipa

Clone
Source Code
GIT

#4405 Upgrade to 4.0 fails with schema error
Closed: Fixed None Opened 9 years ago by mkosek.

Closed: Fixed
Reopen Issue

Upgrade from 3.3.5 to 4.0 failed with schema error:

# rpm -Uvh --force ~/freeipa-master/dist/rpms/freeipa-*
Preparing...                          ################################# [100%]
Updating / installing...
   1:freeipa-python-3.3.90GIT008c780-0################################# [  7%]
   2:freeipa-client-3.3.90GIT008c780-0################################# [ 13%]
Could not load host key: /etc/ssh/ssh_host_dsa_key
   3:freeipa-admintools-3.3.90GIT008c7################################# [ 20%]
   4:freeipa-server-3.3.90GIT008c780-0################################# [ 27%]
   5:freeipa-server-trust-ad-3.3.90GIT################################# [ 33%]
   6:freeipa-server-foreman-smartproxy################################# [ 40%]
   7:freeipa-tests-3.3.90GIT008c780-0.################################# [ 47%]
   8:freeipa-debuginfo-3.3.90GIT008c78################################# [ 53%]
Cleaning up / removing...
   9:freeipa-tests-3.3.5-1.fc20       ################################# [ 60%]
  10:freeipa-debuginfo-3.3.5-1.fc20   ################################# [ 67%]
  11:freeipa-server-trust-ad-3.3.5-1.f################################# [ 73%]
  12:freeipa-server-3.3.5-1.fc20      ################################# [ 80%]
  13:freeipa-admintools-3.3.5-1.fc20  ################################# [ 87%]
  14:freeipa-client-3.3.5-1.fc20      ################################# [ 93%]
  15:freeipa-python-3.3.5-1.fc20      ################################# [100%]
Upgrade failed with unknown object class "ipapermissionv2"
IPA upgrade failed.

Moving to 4.0 June as we need to fix this before release.

Suprisingly, this looks related to #3859 as upgrade was fixed when I changed

objectclasses: (2.16.840.1.113730.3.8.12.22 NAME 'ipaAllowedOperations' SUP top AUXILIARY DESC 'Class to apply access controls to arbitrary operations' MAY ( ipaAllowedToPerform $ ipaProtectedOperation ) X-    ORIGIN 'IPA v3')

to

objectClasses: (2.16.840.1.113730.3.8.12.22 NAME 'ipaAllowedOperations' SUP top AUXILIARY DESC 'Class to apply access controls to arbitrary operations' MAY ( ipaAllowedToPerform $ ipaProtectedOperation ) X-    ORIGIN 'IPA v3')

I.e. when I fixed the casing of the ipaAllowedOperations to the same as with the other records.

I will send a patch for that to start a discussion.

Patch freeipa-mkosek-471-fix-objectclass-casing-in-ldif-to-prevent-schema-upd.patch sent for review

Adding to list of tickets required for 4.0 release.

master:

  • bd29d3c Fix objectClass casing in LDIF to prevent schema update error

python-ldap bug causing it is tracked in https://bugzilla.redhat.com/show_bug.cgi?id=1007820.

Metadata Update from @mkosek:
- Issue assigned to mkosek
- Issue set to the milestone: FreeIPA 4.0 GA
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
important
None
None
None
None
defect
None
None
Upgrade
None
1
None
None
None
None
0
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.