#5019 ipa-replica-manage del fails to delete host entry
Closed: Fixed None Opened 8 years ago by lkrispen.

While investigating failing cleanallruv tasks, there also was the error about failing cleanup detected:

# ipa-replica-manage del vm-162.idm.lab.eng.brq.redhat.com
..
Failed to cleanup vm-162.idm.lab.eng.brq.redhat.com entries: Not allowed on non-leaf entry

in the access log we see

[06/May/2015:14:19:11 +0200]conn=30 op=17 SRCH base="cn=vm-162.idm.lab.eng.brq.redhat.com,cn=masters,cn=ipa,cn=etc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com" scope=2 filter="(objectClass=*)" attrs=ALL
[06/May/2015:14:19:11 +0200] conn=30 op=17 RESULT err=0 tag=101 nentries=6 etime=0 notes=U
[06/May/2015:14:19:11 +0200] conn=30 op=18 DEL dn="cn=vm-162.idm.lab.eng.brq.redhat.com,cn=masters,cn=ipa,cn=etc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
[06/May/2015:14:19:11 +0200] conn=30 op=18 RESULT err=66 tag=107 nentries=0 etime=0

which means that there was an attempt to remove the host before the services

in replica_cleanup we have:

# delete master entry with all active services
try:
    dn = DN(('cn', replica), ('cn', 'masters'), ('cn', 'ipa'),('cn', 'etc'), self.suffix)
    entries = self.conn.get_entries(dn, ldap.SCOPE_SUBTREE)
    if entries:
        entries.sort(key=len, reverse=True)
        for entry in entries:
            self.conn.delete_entry(entry)

this intends to delete children befor the parent, as the dns of children are longer, but get_entries does return a list of entries, not DNs, and so the sorting does not work


master:

  • c5f319d replica-manage: Properly delete nested entries

ipa-4-1:

  • aa83d20 replica-manage: Properly delete nested entries

this bug seems to be fixed in ipa-server-4.2.0-15.el7_2.3.x86_64.

Could we have the bz linked to this ?

Thanks.

German.

Metadata Update from @lkrispen:
- Issue assigned to tbabej
- Issue set to the milestone: FreeIPA 4.1.5

7 years ago

Login to comment on this ticket.

Metadata