ipa-ldap-update silently fails when there is a blank line in the schema file
ipa-ldap-update
ipa-lap-updater -S /path/to/89-schemathing.ldif
Any attributes added to or removed from objectclass are not reflected in schema viewed by ldapsearch -s base -b cn=schema objectClasses
ldapsearch -s base -b cn=schema objectClasses
ipa-ldap-updater yields a warning or reports an error when there is a blank line that would prevent the schema from being updated correctly
ipa-ldap-updater
package freeipa-server is not installed package freeipa-client is not installed ipa-server-4.8.4-7.module+el8.2.0+6046+aaa49f96.x86_64 ipa-client-4.8.4-7.module+el8.2.0+6046+aaa49f96.x86_64 389-ds-base-1.4.2.4-8.module+el8.2.0+5959+cfcaedbd.x86_64 pki-ca-10.8.3-2.module+el8.2.0+6294+b7db4606.noarch krb5-server-1.17-18.el8.x86_64
The reason it failed is this is an invalid LDIF format.
Per the ldif man page: "Multiple entries within the same LDIF file are separated by blank lines."
IPA leverages the python ldif module to handle reading and parsing the provided file(s).
In order to produce an appropriate error message we would need to manually parse, looking standalone lines that don't reference a dn which IMHO the library should be enforcing for us.
I opened BZ https://bugzilla.redhat.com/show_bug.cgi?id=1872453 against python-ldap to track this.
I'm going to close this ticket as there is nothing to do in IPA. There isn't a great choice for reason so I'm going to do wontfix.
Metadata Update from @rcritten: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.