#49919 Files in the schema directory changed after 389-ds is updated by RPM
Closed: wontfix 3 years ago by firstyear. Opened 3 years ago by dkt.

Issue Description

After using rpm to update 389-ds, the files in the schema directory changed

Note:

60kerberos.ldif schema is not copied from the system/RPM, it is a file from the Internet and was edited.
60pam-plugin.ldif schema is copied from system/RPM

Package Version and Platform

before upgrade: 389-ds-base-1.3.7.5-24.el7_5.x86_64
after upgrade: 389-ds-base-1.3.7.5-25.el7_5.x86_64

Steps to reproduce

pwd

/etc/dirsrv/slapd-instance1/schema

ls -l

total 20
-rw-r--r--. 1 dirsrv dirsrv 9455 Aug 21 15:21 60kerberos.ldif
-rw-r--r--. 1 dirsrv dirsrv 2350 Aug 21 15:21 60pam-plugin.ldif
-rw-rw----. 1 dirsrv dirsrv 291 Aug 21 15:19 99user.ldif

yum update 389-ds-base

Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : 389-ds-base-libs-1.3.7.5-25.el7_5.x86_64 1/4
Updating : 389-ds-base-1.3.7.5-25.el7_5.x86_64 2/4
Cleanup : 389-ds-base-1.3.7.5-24.el7_5.x86_64 3/4
Cleanup : 389-ds-base-libs-1.3.7.5-24.el7_5.x86_64 4/4
Verifying : 389-ds-base-libs-1.3.7.5-25.el7_5.x86_64 1/4
Verifying : 389-ds-base-1.3.7.5-25.el7_5.x86_64 2/4
Verifying : 389-ds-base-1.3.7.5-24.el7_5.x86_64 3/4
Verifying : 389-ds-base-libs-1.3.7.5-24.el7_5.x86_64 4/4

Updated:
389-ds-base.x86_64 0:1.3.7.5-25.el7_5

Dependency Updated:
389-ds-base-libs.x86_64 0:1.3.7.5-25.el7_5

Complete!

ls -l

total 16
-rw-r--r--. 1 dirsrv dirsrv 9455 Aug 21 15:21 60kerberos.ldif
-rw-rw----. 1 dirsrv dirsrv 15 Aug 22 01:52 99user.ldif

pwd

/etc/dirsrv/slapd-instance1/schema

ls ../schema.bak/

60pam-plugin.ldif 99user.ldif

Actual results

60pam-plugin.ldif schema is copied to the schema.bak folder.
I copied 60pam-plugin.ldif to the schema directory, because it is listed in the instruction: https://directory.fedoraproject.org/docs/389ds/howto/howto-pam-pass-through.html

Expected results

Files in the schema directory should be the same after update.


You should add the schema files to /usr/share/dirsrv/schema as well, and I think that will solve this for you

Metadata Update from @mreynolds:
- Custom field component adjusted to None
- Custom field origin adjusted to None
- Custom field reviewstatus adjusted to None
- Custom field type adjusted to None
- Custom field version adjusted to None

3 years ago

You should add the schema files to /usr/share/dirsrv/schema as well, and I think that will solve this for you

The schema 60kerberos.ldif (manually edited) is fine after upgrade.

The schema 60pam-plugin.ldif is copied from /usr/share/dirsrv/schema to /etc/dirsrv/slapd-instance1/schema. So it is already in /usr/share/dirsrv/schema.

The problem is that 60-pam-plug.ldif was moved to /etc/dirsrv/slapd-instance1/schema.bak after update.

Whoa no! Please don't touch /usr/share/dirsrv/schema, because rpm will blow that up to!

If you are editing schema, you should be naming your schema elements differently or putting them in in different files. IE don't make 60-kerberos again as a copy, just make 98-mysite.ldif and put in only the lines of schema you are editing.

As well, there are just so many hairy edge cases because of the perl "on upgrade" tasks related to schema trying to clean up legacy ... it's really a problem that I hope we have resolved for 1.4 (no more upgrade task from rpm scripts.).

Metadata Update from @mreynolds:
- Issue set to the milestone: 1.4.0

3 years ago

Closing, because I think this is not an issue sorry :(

Metadata Update from @firstyear:
- Issue close_status updated to: invalid
- Issue status updated to: Closed (was: Open)

3 years ago

Metadata Update from @dkt:
- Issue status updated to: Open (was: Closed)

3 years ago

I copied 60pam-plugin.ldif to the schema directory in /etc/dirsrv/slapd-instance/schema, because it is listed in the instruction: https://directory.fedoraproject.org/docs/389ds/howto/howto-pam-pass-through.html

There is no changes made to 60pam-plugin.ldif. I don't expect the schema files in /etc/dirsrv/slapd-instance/schema being removed after the RPM is updated.

If this is the expected behavior please close the ticket.

@dkt The schema system has changed a bit since that how to was written. We now provide pam-plugin.ldif as schema by default in the schema search path, so you shouldn't need to copy it. Second, you probably only should change content in 99user.ldif, which is able to be "updated" as schema migrations are made by the project. It's really really hard because we can't "fix and clean" the schema system because too many people rely on the legacy setup, so there is only so much we can do to improve this, but no matter what, confusion will always remain :(

So to follow up, maybe something actionable, is fixing the howto to be clearer?

Pushed updates to the how to now.

Metadata Update from @firstyear:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

3 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/2978

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: fixed)

2 years ago

Login to comment on this ticket.

Metadata