Comments (17)
mcanevet
commented on June 16, 2024
@elisiano OK I wrote acceptance test to reproduce the bug (b1a07d4).
You can lance it with:
bundle exec rspec spec/acceptance
I'll try to fix it ASAP
from puppet-openldap.
elisiano
commented on June 16, 2024
So I could not lunch it on the server because the tests require vagrant (and the puppet master is already a VM, so it would seem a bit of an overkill).
But I run it locally. It downloaded a debian vm and tested on it (although the distro I'm using in production is CentOS).
[... puppet output cut out ...]
Notice: Finished catalog run in 0.23 seconds
debian-73-x64 executed in 1.45 seconds
start => false:
removing temporory ssh-config files per-vagrant box
Destroying vagrant boxes
[debian-73-x64] Forcing shutdown of VM...
[debian-73-x64] Destroying VM and associated drives...
Failures:
1) openldap::server::access define Add an ACL should work with no errors
Failure/Error: apply_manifest(pp, :catch_failures => true)
Beaker::Host::CommandFailure:
Host 'debian-73-x64' exited with 6 running:
env PATH="/usr/bin:/opt/puppet-git-repos/hiera/bin:${PATH}" RUBYLIB="/opt/puppet-git-repos/hiera/lib:/opt/puppet-git-repos/hiera-puppet/lib:${RUBYLIB}" puppet apply --verbose --detailed-exitcodes /tmp/apply_manifest.pp.cjg4yh
Last 10 lines of output were:
ldap_modify: Other (e.g., implementation specific) error (80)
additional info: <olcAccess> handler exited with 1
modifying entry "olcDatabase={1}hdb,cn=config"
Error: /Stage[main]/Main/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=foo,dc=example,dc=org" on dc=foo,dc=example,dc=org]/Openldap_access[to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=foo,dc=example,dc=org" on dc=foo,dc=example,dc=org]/ensure: change from absent to present failed: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-4125-94shxu' returned 80: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Other (e.g., implementation specific) error (80)
additional info: <olcAccess> handler exited with 1
modifying entry "olcDatabase={1}hdb,cn=config"
Notice: Finished catalog run in 18.81 seconds
# ./spec/acceptance/openldap__server__access_spec.rb:20:in `block (3 levels) in <top (required)>'
Finished in 57.92 seconds
7 examples, 1 failure
Failed examples:
rspec ./spec/acceptance/openldap__server__access_spec.rb:5 # openldap::server::access define Add an ACL should work with no errors
from puppet-openldap.
mcanevet
commented on June 16, 2024
@elisiano it's a little bit better with this patch (241b4a1), but I'm wondering if it's a good idea to have a type to manage ACLs. Maybe a property of openldap_database would be better.
from puppet-openldap.
elisiano
commented on June 16, 2024
I still get errors in the test:
[...cut...]
debian-73-x64 executed in 1.49 seconds
start => false:
removing temporory ssh-config files per-vagrant box
Destroying vagrant boxes
[debian-73-x64] Forcing shutdown of VM...
[debian-73-x64] Destroying VM and associated drives...
Failures:
1) openldap::server::access define Add an ACL should work with no errors
Failure/Error: expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
Beaker::Host::CommandFailure:
Host 'debian-73-x64' exited with 4 running:
env PATH="/usr/bin:/opt/puppet-git-repos/hiera/bin:${PATH}" RUBYLIB="/opt/puppet-git-repos/hiera/lib:/opt/puppet-git-repos/hiera-puppet/lib:${RUBYLIB}" puppet apply --verbose --detailed-exitcodes /tmp/apply_manifest.pp.E9lncn
Last 10 lines of output were:
ldap_modify: Type or value exists (20)
additional info: modify/add: olcAccess: value #0 already exists
modifying entry "olcDatabase={1}hdb,cn=config"
Error: /Stage[main]/Main/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=foo,dc=example,dc=org" on dc=foo,dc=example,dc=org]/Openldap_access[to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=foo,dc=example,dc=org" on dc=foo,dc=example,dc=org]/ensure: change from absent to present failed: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-5202-1ena2yy' returned 20: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Type or value exists (20)
additional info: modify/add: olcAccess: value #0 already exists
modifying entry "olcDatabase={1}hdb,cn=config"
Notice: Finished catalog run in 0.41 seconds
# ./spec/acceptance/openldap__server__access_spec.rb:21:in `block (3 levels) in <top (required)>'
Finished in 59.4 seconds
7 examples, 1 failure
Failed examples:
rspec ./spec/acceptance/openldap__server__access_spec.rb:5 # openldap::server::access define Add an ACL should work with no errors
As for how it's implemented I can't really say how it is better (I do not have enough experience). I was just reading the documentation and trying to apply the ACLs as described there. If you think there is a better approach, there is no issue on my side, I'll keep reading the docs and modify my code accordingly.
from puppet-openldap.
elisiano
commented on June 16, 2024
wait, although the test fails, the code in production runs without any error the first time.
The second time it complains that the entries already exist.
Error: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-30297-1myfnse-0' returned 20: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Type or value exists (20)
additional info: modify/add: olcAccess: value #0 already exists
modifying entry "olcDatabase={3}bdb,cn=config"
Error: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by self on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by self on dc=ccmteam,dc=com]/ensure: change from absent to present failed: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-30297-1myfnse-0' returned 20: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Type or value exists (20)
additional info: modify/add: olcAccess: value #0 already exists
modifying entry "olcDatabase={3}bdb,cn=config"
Error: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-30297-qaf77e-0' returned 20: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Type or value exists (20)
additional info: modify/add: olcAccess: value #0 already exists
modifying entry "olcDatabase={3}bdb,cn=config"
Error: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by anonymous on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by anonymous on dc=ccmteam,dc=com]/ensure: change from absent to present failed: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-30297-qaf77e-0' returned 20: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Type or value exists (20)
additional info: modify/add: olcAccess: value #0 already exists
modifying entry "olcDatabase={3}bdb,cn=config"
Error: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-30297-18dboc8-0' returned 20: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Type or value exists (20)
additional info: modify/add: olcAccess: value #0 already exists
modifying entry "olcDatabase={3}bdb,cn=config"
Error: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=ccmteam,dc=com" on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=ccmteam,dc=com" on dc=ccmteam,dc=com]/ensure: change from absent to present failed: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-30297-18dboc8-0' returned 20: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Type or value exists (20)
additional info: modify/add: olcAccess: value #0 already exists
modifying entry "olcDatabase={3}bdb,cn=config"
Error: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-30297-1v4ru90-0' returned 20: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Type or value exists (20)
additional info: modify/add: olcAccess: value #0 already exists
modifying entry "olcDatabase={3}bdb,cn=config"
Error: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by * on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by * on dc=ccmteam,dc=com]/ensure: change from absent to present failed: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-30297-1v4ru90-0' returned 20: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Type or value exists (20)
additional info: modify/add: olcAccess: value #0 already exists
modifying entry "olcDatabase={3}bdb,cn=config"
from puppet-openldap.
mcanevet
commented on June 16, 2024
@elisiano Acceptance tests now works with that: cdc360f
Please tell me if it looks good to you also.
from puppet-openldap.
elisiano
commented on June 16, 2024
OK so the tests pass, but in production there are some errors.
Error: Could not autoload puppet/provider/openldap_access/olc: /var/lib/puppet/lib/puppet/provider/openldap_access/olc.rb:42: syntax error, unexpected ')'
/var/lib/puppet/lib/puppet/provider/openldap_access/olc.rb:113: syntax error, unexpected kEND, expecting '}'
Error: Could not autoload puppet/type/openldap_access: Could not autoload puppet/provider/openldap_access/olc: /var/lib/puppet/lib/puppet/provider/openldap_access/olc.rb:42: syntax error, unexpected ')'
/var/lib/puppet/lib/puppet/provider/openldap_access/olc.rb:113: syntax error, unexpected kEND, expecting '}'
Error: Could not retrieve catalog from remote server: Could not intern from text/pson: Could not autoload puppet/type/openldap_access: Could not autoload puppet/provider/openldap_access/olc: /var/lib/puppet/lib/puppet/provider/openldap_access/olc.rb:42: syntax error, unexpected ')'
/var/lib/puppet/lib/puppet/provider/openldap_access/olc.rb:113: syntax error, unexpected kEND, expecting '}'
But if I remove the comma to the last parameter at provider/openldap_access/olc.rb line 41 (I just noticed you also corrected this), it goes further and the error is
Error: Could not prefetch openldap_access provider 'olc': undefined method `captures' for nil:NilClass
So after that it keeps giving the previous errors (where entries already exist, but this is normal since it didn't fetch the new code).
from puppet-openldap.
mcanevet
commented on June 16, 2024
@elisiano what is the output of the following command ?
puppet resource openldap_access
from puppet-openldap.
elisiano
commented on June 16, 2024
@mcanevet the same as the previous error:
[root@openldap01 ~]# puppet resource openldap_access
Error: Could not run: undefined method `captures' for nil:NilClass
This is on the client. On the master I have no output (which I assume is correct since that resource is never included by any class).
from puppet-openldap.
elisiano
commented on June 16, 2024
I also tried with debug but it doesn't help much:
[root@openldap01 ~]# puppet resource --debug openldap_access
Debug: Executing '/usr/sbin/slapcat -b cn=config -H ldap:///???(olcAccess=*)'
Error: Could not run: undefined method `captures' for nil:NilClass
from puppet-openldap.
elisiano
commented on June 16, 2024
uhm, I don't know how escaping works in ruby but if I run that command on the shell the parenthesis get on the way:
[root@openldap01 ~]# /usr/sbin/slapcat -b cn=config -H ldap:///???(olcAccess=*)
-bash: syntax error near unexpected token `('
on the other hand if I quote all the URI parameter I get the expected output (apologies for the long paste):
[root@openldap01 ~]# /usr/sbin/slapcat -b cn=config -H 'ldap:///???(olcAccess=*)'
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=externa
l,cn=auth" manage by * none
olcAddContentAcl: TRUE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=config
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE
structuralObjectClass: olcDatabaseConfig
entryUUID: 40e2586e-6e15-1033-896b-1d1e148bb6aa
creatorsName: cn=config
createTimestamp: 20140512113524Z
entryCSN: 20140512113524.916084Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20140512113524Z
dn: olcDatabase={1}monitor,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {1}monitor
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=externa
l,cn=auth" read by dn.base="cn=manager,dc=my-domain,dc=com" read by * none
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE
structuralObjectClass: olcDatabaseConfig
entryUUID: 40e25ada-6e15-1033-896c-1d1e148bb6aa
creatorsName: cn=config
createTimestamp: 20140512113524Z
entryCSN: 20140512113524.916084Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20140512113524Z
dn: olcDatabase={3}bdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {3}bdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=ccmteam,dc=com
olcRootDN: cn=admin,dc=ccmteam,dc=com
olcRootPW:: e1NTSEF9Nk04aklBL0YxMkNFeFZzTDJNRGVXTlY4YjVYSlliODM=
structuralObjectClass: olcBdbConfig
entryUUID: 4231a198-6e15-1033-92cb-a7e99d6ccdf2
creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
createTimestamp: 20140512113527Z
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write
olcAccess: {1}to attrs=userPassword,shadowLastChange by anonymous auth
olcAccess: {2}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=ccmtea
m,dc=com" write
olcAccess: {3}to attrs=userPassword,shadowLastChange by * none
entryCSN: 20140512141322.549007Z#000000#000#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20140512141322Z
from puppet-openldap.
mcanevet
commented on June 16, 2024
@elisiano acceptance tests fails on Centos 6:
BEAKER_set=centos-65-x64 bundle exec rspec spec/acceptance
So I think I can fix this quite easily.
from puppet-openldap.
mcanevet
commented on June 16, 2024
@elisiano should be better now
from puppet-openldap.
elisiano
commented on June 16, 2024
@mcanevet It is indeed better! Of course it's not over yet :-)
So it seems that openldap::server::access is executed before the database is setup, hence the first time all the execs ends up with errors, but the second time everything is OK.
1st run
[...]
Info: Applying configuration version '1399913655'
Notice: /Stage[main]/Openldap::Server::Install/Package[openldap-servers]/ensure: created
Notice: /Stage[main]/Openldap::Server::Service/Service[slapd]/ensure: ensure changed 'stopped' to 'running'
Info: /Stage[main]/Openldap::Server::Service/Service[slapd]: Unscheduling refresh on Service[slapd]
Notice: /Stage[main]/Openldap::Server::Config/Shellvar[SLAPD_LDAPS]/ensure: removed
Error: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-1312-15xqbsx-0' returned 53: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Server is unwilling to perform (53)
additional info: modify upon the root DSE not supported
modifying entry ""
Error: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by self on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by self on dc=ccmteam,dc=com]/ensure: change from absent to present failed: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H l
dapi:/// -f /tmp/openldap_access20140512-1312-15xqbsx-0' returned 53: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Server is unwilling to perform (53)
additional info: modify upon the root DSE not supported
modifying entry ""
Notice: /Stage[main]/Openldap::Server::Config/Shellvar[SLAPD_LDAPI]/value: value changed ['yes'] to 'true'
Error: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-1312-zm7ai2-0' returned 53: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Server is unwilling to perform (53)
additional info: modify upon the root DSE not supported
modifying entry ""
Error: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by anonymous on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by anonymous on dc=ccmteam,dc=com]/ensure: change from absent to present failed: Execution of '/usr/bin/ldapmodify -Y EXT
ERNAL -H ldapi:/// -f /tmp/openldap_access20140512-1312-zm7ai2-0' returned 53: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Server is unwilling to perform (53)
additional info: modify upon the root DSE not supported
modifying entry ""
Error: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-1312-gar6bt-0' returned 53: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Server is unwilling to perform (53)
additional info: modify upon the root DSE not supported
modifying entry ""
Error: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=ccmteam,dc=com" on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=ccmteam,dc=com" on dc=ccmteam,dc=com]/ensure: change from absent to present fail
ed: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-1312-gar6bt-0' returned 53: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Server is unwilling to perform (53)
additional info: modify upon the root DSE not supported
modifying entry ""
Error: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_access20140512-1312-hxiseh-0' returned 53: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Server is unwilling to perform (53)
additional info: modify upon the root DSE not supported
modifying entry ""
Error: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by * on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by * on dc=ccmteam,dc=com]/ensure: change from absent to present failed: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/
// -f /tmp/openldap_access20140512-1312-hxiseh-0' returned 53: SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Server is unwilling to perform (53)
additional info: modify upon the root DSE not supported
modifying entry ""
Notice: /Stage[main]/Openldap::Server::Config/Shellvar[SLAPD_LDAP]/value: value changed ['yes'] to 'true'
/var/lib/puppet/lib/puppet/provider/openldap_database/olc.rb:125: warning: regexp has invalid interval
/var/lib/puppet/lib/puppet/provider/openldap_database/olc.rb:125: warning: regexp has `}' without escape
Notice: /Stage[main]/Openldap::Server::Config/Openldap::Server::Database[dc=ccmteam,dc=com]/Openldap_database[dc=ccmteam,dc=com]/ensure: created
Notice: Finished catalog run in 23.99 seconds
(note also the issues at var/lib/puppet/lib/puppet/provider/openldap_database/olc.rb:125 )
then, 2nd run
[...]
Info: Applying configuration version '1399914005'
Notice: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by self on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by self on dc=ccmteam,dc=com]/ensure: created
Notice: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by anonymous on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by anonymous on dc=ccmteam,dc=com]/ensure: created
Notice: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=ccmteam,dc=com" on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=ccmteam,dc=com" on dc=ccmteam,dc=com]/ensure: created
Notice: /Stage[main]/Ccm::Profile::Openldap/Openldap::Server::Access[to attrs=userPassword,shadowLastChange by * on dc=ccmteam,dc=com]/Openldap_access[to attrs=userPassword,shadowLastChange by * on dc=ccmteam,dc=com]/ensure: created
Notice: Finished catalog run in 6.88 seconds
and from the 3rd time on, nothing else is applied:
Info: Applying configuration version '1399914056'
Notice: Finished catalog run in 6.48 seconds
But this is already a huge improvement (at least now it works!)
Thanks a lot for your real-time support :)
from puppet-openldap.
mcanevet
commented on June 16, 2024
@elisiano OK I'll try to add an auto requirement on openldap_database.
from puppet-openldap.
elisiano
commented on June 16, 2024
@mcanevet sounds good, let me know when I can give it a test.
from puppet-openldap.
elisiano
commented on June 16, 2024
@mcanevet I just wanted to thank you once again for your support on this. I just tested and everything works flawless (as far as I noticed at least). Thanks a lot.
from puppet-openldap.
Related Issues (20)
- openldap::server::overlay does not allow tuples as options HOT 2
- [poll] What to do with the islast parameter of openldap_access?
- openldap::server::database initdb data type should support value false
- `$openldap::server::database::mirrormode` does not enable olcMirrorMode
- openldap::server::overlay incorrectly parses suffix HOT 5
- openldap::server::dbindex is missing documentation HOT 3
- Unable to configure openldap on FreeBSD 13.0-RELEASE HOT 5
- Wrong data type for `$openldap::server::database::limits`
- LDIF mangling is in schema provider does not handle LDIF line wrapping correctly HOT 1
- Data type enforcement for openldap_database security is not idempotent HOT 1
- dc=my-domain,dc=com entry in Database HOT 3
- Inconsistent parameters for `openldap::client`
- Version 6.1.0 breaks disabling nonexistent services HOT 3
- cn=accesslog database: Parameter suffix failed
- Parameter suffix failed, because of too restrictive patterns in openldap/lib/puppet/type/openldap_database.rb HOT 2
- No parameter named 'multiprovider' HOT 4
- no parameter named 'multiprovider' HOT 3
- Cannot ensure: absent on dbindex
- acls with identical access definitions are not implemented correctly
- Unable to configure hashing with the pw-pbkdf2 module
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppet-openldap.