URL:
https://github.com/freeipa/freeipa/pull/4502
Author: abbra
Title: #4502: Upgrade rfc2307 schema
Action: opened
PR body:
"""
Update nisDomain and nisDomainObject to follow actual RFC2307bis schema
When RFC2307bis-based schema was added to FreeIPA and Fedora Directory in 2008, wrong OIDs
were used for nisDomain attribute and nisDomainObject compared to the actual RFC2307bis
schema. FreeIPA installed own schema version by default as rfc2307bis.ldif first and then
as 15rfc2307bis.ldif. Fedora Directory (later 389-ds) kept it as 60nis.ldif in optional
content and never installed into a working instance.
Recently, 389-ds decided to unify various RFC 2307-related schema files and install them
by default. As result, FreeIPA-provided nisDomain attribute and nisDomainObject
objectclass started to conflict with the ones installed by default by 389-ds.
All other attributes from 15rfc2307bis.ldif are not in use by FreeIPA. Since they are
provided in 389-ds starting with 1.4.3.5 anyway, it makes no sense to keep them shipped.
This pull request updates 15rfc2307bis.ldif to only contain two entries which FreeIPA
depends on.
- attribute 'nisDomain'
- objectclass 'nisDomainObject'
The definition of 'nisDomain' attribute and 'nisDomainObject' objectclass
were updated to be compatible with 389-ds 1.4.3.5+.
Fixes:
http://pagure.io/freeipa/issue/8258
This issue needs resolution from 389-ds side as well, we aren't agreed fully yet how
to solve multiple-master replication problem. For details please see
https://pagure.io/389-ds-base/issue/50933,
https://pagure.io/389-ds-base/pull-request/51009,
https://pagure.io/389-ds-base/pull-request/50934#comment-115218, and two Fedora 32 bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1821548 and
https://bugzilla.redhat.com/show_bug.cgi?id=1820176
"""
To pull the PR as Git branch:
git remote add ghfreeipa
https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/4502/head:pr4502
git checkout pr4502