From a57b665be027bd67b582cba784aca5f2f8399459 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Mar 27 2024 17:04:26 +0000 Subject: idrange: only issue warning to restart services for a local range SIDGEN plugin only uses local ID ranges and thus a restart is really needed only when a local range is added, modified or removed. Also fix the SSSD warning because removal of any range requires restart everywhere, not just on a specific server. Fixes: https://pagure.io/freeipa/issue/9558 Signed-off-by: Alexander Bokovoy Reviewed-By: Florence Blanc-Renaud --- diff --git a/ipaserver/plugins/idrange.py b/ipaserver/plugins/idrange.py index 9e46116..ec061a4 100644 --- a/ipaserver/plugins/idrange.py +++ b/ipaserver/plugins/idrange.py @@ -552,12 +552,15 @@ class idrange_add(LDAPCreate): self.obj.handle_ipabaserid(entry_attrs, options) self.obj.handle_iparangetype(entry_attrs, options, keep_objectclass=True) - self.add_message( - messages.ServiceRestartRequired( - service=services.knownservices.dirsrv.service_instance(""), - server=_('') + + if entry_attrs.single_value.get('iparangetype') in ( + 'ipa-local', self.obj.range_types.get('ipa-local', None)): + self.add_message( + messages.ServiceRestartRequired( + service=services.knownservices.dirsrv.service_instance(""), + server=_('') + ) ) - ) return dn @@ -571,7 +574,8 @@ class idrange_del(LDAPDelete): try: old_attrs = ldap.get_entry(dn, ['ipabaseid', 'ipaidrangesize', - 'ipanttrusteddomainsid']) + 'ipanttrusteddomainsid', + 'iparangetype']) except errors.NotFound: raise self.obj.handle_not_found(*keys) @@ -605,6 +609,20 @@ class idrange_del(LDAPDelete): key=keys[0], dependent=trust_domains[0].dn[0].value) + self.add_message( + messages.ServiceRestartRequired( + service=services.knownservices['sssd'].systemd_name, + server=_('') + ) + ) + + if old_attrs.single_value.get('iparangetype') == 'ipa-local': + self.add_message( + messages.ServiceRestartRequired( + service=services.knownservices.dirsrv.service_instance(""), + server=_('') + ) + ) return dn @@ -809,10 +827,20 @@ class idrange_mod(LDAPUpdate): assert isinstance(dn, DN) self.obj.handle_ipabaserid(entry_attrs, options) self.obj.handle_iparangetype(entry_attrs, options) + + if entry_attrs.single_value.get('iparangetype') in ( + 'ipa-local', self.obj.range_types.get('ipa-local', None)): + self.add_message( + messages.ServiceRestartRequired( + service=services.knownservices.dirsrv.service_instance(""), + server=_('') + ) + ) + self.add_message( messages.ServiceRestartRequired( service=services.knownservices['sssd'].systemd_name, - server=keys[0] + server=_('') ) ) return dn diff --git a/ipatests/test_xmlrpc/test_range_plugin.py b/ipatests/test_xmlrpc/test_range_plugin.py index e3f4c23..531fe4a 100644 --- a/ipatests/test_xmlrpc/test_range_plugin.py +++ b/ipatests/test_xmlrpc/test_range_plugin.py @@ -26,7 +26,8 @@ import six from ipalib import api, errors, messages from ipalib import constants from ipaplatform import services -from ipatests.test_xmlrpc.xmlrpc_test import Declarative, fuzzy_uuid +from ipatests.test_xmlrpc.xmlrpc_test import ( + Declarative, fuzzy_uuid, Fuzzy, fuzzy_sequence_of) from ipatests.test_xmlrpc import objectclasses from ipatests.util import MockLDAP from ipapython.dn import DN @@ -374,6 +375,8 @@ IPA_LOCAL_RANGE_MOD_ERR = ( dirsrv_instance = services.knownservices.dirsrv.service_instance("") +fuzzy_restart_messages = fuzzy_sequence_of(Fuzzy(type=dict)) + @pytest.mark.tier1 class test_range(Declarative): @@ -610,7 +613,8 @@ class test_range(Declarative): desc='Delete ID range %r' % testrange1, command=('idrange_del', [testrange1], {}), expected=dict( - result=dict(failed=[]), + result=dict(failed=[], + messages=fuzzy_restart_messages), value=[testrange1], summary=u'Deleted ID range "%s"' % testrange1, ), @@ -714,7 +718,8 @@ class test_range(Declarative): desc='Delete ID range %r' % testrange2, command=('idrange_del', [testrange2], {}), expected=dict( - result=dict(failed=[]), + result=dict(failed=[], + messages=fuzzy_restart_messages), value=[testrange2], summary=u'Deleted ID range "%s"' % testrange2, ),