Author: rhafer
Date: Thu Dec 3 16:53:02 2009
New Revision: 59939
URL: http://svn.opensuse.org/viewcvs/yast?rev=59939&view=rev
Log:
Set unlimited size limit for syncrepl user (bnc#557966)
Modified:
branches/SuSE-Code-11-SP1-Branch/ldap-server/src/LdapServer.pm
branches/SuSE-Code-11-SP1-Branch/ldap-server/src/agent/SlapdConfigAgent.cc
branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.cpp
branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.h
Modified: branches/SuSE-Code-11-SP1-Branch/ldap-server/src/LdapServer.pm
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/ldap-server/src/LdapServer.pm?rev=59939&r1=59938&r2=59939&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/ldap-server/src/LdapServer.pm (original)
+++ branches/SuSE-Code-11-SP1-Branch/ldap-server/src/LdapServer.pm Thu Dec 3 16:53:02 2009
@@ -1815,6 +1815,12 @@
$rc = SCR->Write(".ldapserver.database.{0}.acl", \@syncacl );
push @syncacl, @$defaultDbAcls;
$defaultDbAcls = \@syncacl;
+
+ my @newlimits = ( { 'selector' => "dn.exact=\"$syncdn\"",
+ 'limits' => [ { 'type' => "size.soft",
+ 'value' => "unlimited" } ] } );
+ SCR->Write(".ldapserver.database.{0}.limits", \@newlimits );
+ SCR->Write(".ldapserver.database.{1}.limits", \@newlimits );
}
}
@@ -2861,6 +2867,54 @@
}
}
}
+ for ( my $i=0; $i < scalar(@{$dbs})-1; $i++)
+ {
+ my $type = $dbs->[$i+1]->{'type'};
+ my $suffix = $dbs->[$i+1]->{'suffix'};
+ if ( $type eq "config" || $type eq "bdb" || $type eq "hdb" )
+ {
+ my $db = SCR->Read(".ldapserver.database.{".$i."}" );
+ my $needslimit = 1;
+ if ( lc($db->{'rootdn'}) eq lc($syncreplbaseconfig->{'binddn'}) )
+ {
+ y2milestone("Repl DN \"".$syncreplbaseconfig->{'binddn'}. "\" is rootdn of database $i. No limit needed");
+ }
+ else
+ {
+ my $limits = SCR->Read(".ldapserver.database.{".$i."}.limits" );
+ y2debug("Database $i limits:". Data::Dumper->Dump([ $limits ]) );
+ foreach my $limit (@$limits)
+ {
+ if ( $limit->{'selector'} eq "dn.exact=\"".$syncreplbaseconfig->{'binddn'}."\"" )
+ {
+ my $limitvals = $limit->{'limits'};
+ foreach my $val (@$limitvals )
+ {
+ if ( $val->{'type'} eq "size.soft" && $val->{'value'} eq "unlimited" )
+ {
+ y2milestone("limit already present, no need to add");
+ $needslimit = 0;
+ last;
+ }
+ }
+ if (! $needslimit )
+ {
+ last;
+ }
+ }
+ }
+ if ($needslimit)
+ {
+ y2milestone("Setting sizelimit for syncrepuser to unlimited.");
+ my @newlimits = ( { 'selector' => "dn.exact=\"".$syncreplbaseconfig->{'binddn'}."\"",
+ 'limits' => [ { 'type' => "size.soft",
+ 'value' => "unlimited" } ] } );
+ push @newlimits, @$limits;
+ SCR->Write(".ldapserver.database.{".$i."}.limits", \@newlimits );
+ }
+ }
+ }
+ }
SCR->Execute(".ldapserver.commitChanges" );
SCR->Execute(".ldapserver.reset" );
Modified: branches/SuSE-Code-11-SP1-Branch/ldap-server/src/agent/SlapdConfigAgent.cc
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/ldap-server/src/agent/SlapdConfigAgent.cc?rev=59939&r1=59938&r2=59939&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/ldap-server/src/agent/SlapdConfigAgent.cc (original)
+++ branches/SuSE-Code-11-SP1-Branch/ldap-server/src/agent/SlapdConfigAgent.cc Thu Dec 3 16:53:02 2009
@@ -851,6 +851,37 @@
return YCPNull();
}
}
+ else if ( dbComponent == "limits" )
+ {
+ YCPList resList;
+ OlcLimitList limitList;
+ if ( (*i)->getLimits(limitList) )
+ {
+ OlcLimitList::const_iterator j;
+ for ( j = limitList.begin(); j != limitList.end(); j++ )
+ {
+ YCPMap limitMap;
+ YCPList limitVals;
+ pairlist limits = (*j)->getLimits();
+ pairlist::const_iterator k ;
+ for ( k = limits.begin(); k != limits.end(); k++ )
+ {
+ YCPMap valMap;
+ valMap.add(YCPString("type"), YCPString(k->first) );
+ valMap.add(YCPString("value"), YCPString(k->second) );
+ limitVals.add(valMap);
+ }
+ limitMap.add( YCPString("selector"), YCPString( (*j)->getSelector().c_str() ) );
+ limitMap.add( YCPString("limits"), limitVals);
+ resList.add(limitMap);
+ }
+ return resList;
+ }
+ else
+ {
+ return YCPNull();
+ }
+ }
else if ( dbComponent == "syncrepl" )
{
YCPMap resMap;
@@ -1667,6 +1698,30 @@
(*i)->replaceAccessControl(aclList);
ret = true;
}
+ else if ( dbComponent == "limits" )
+ {
+ YCPList argList = arg->asList();
+ OlcLimitList limitList;
+ for ( int j = 0; j < argList->size(); j++ )
+ {
+ boost::shared_ptr<OlcLimits> limit( new OlcLimits() );
+ YCPMap limitMap = argList->value(j)->asMap();
+ limit->setSelector(limitMap->value(YCPString("selector"))->asString()->value_cstr() );
+
+ YCPList ycpLimitValues = limitMap->value(YCPString("limits"))->asList();
+ pairlist limitVals;
+ for ( int k=0; k < ycpLimitValues->size(); k++ )
+ {
+ YCPMap valMap = ycpLimitValues->value(k)->asMap();
+ limitVals.push_back( make_pair(valMap->value(YCPString("type"))->asString()->value_cstr(),
+ valMap->value(YCPString("value"))->asString()->value_cstr() ) );
+ }
+ limit->setLimits(limitVals);
+ limitList.push_back(limit);
+ }
+ (*i)->replaceLimits(limitList);
+ ret = true;
+ }
else if ( dbComponent == "syncrepl" )
{
YCPMap argMap = arg->asMap();
Modified: branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.cpp
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.cpp?rev=59939&r1=59938&r2=59939&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.cpp (original)
+++ branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.cpp Thu Dec 3 16:53:02 2009
@@ -836,6 +836,86 @@
return aclString.str();
}
+OlcLimits::OlcLimits( const std::string& limitString )
+{
+ std::string::size_type spos = 0;
+ std::string::size_type tmppos = 0;
+ // limits look like this: <selector> <limit> [<limit> [...]]
+
+ // split of the selector pattern
+ tmppos = limitString.find_first_not_of("\t ", spos );
+ spos = tmppos;
+ tmppos = limitString.find_first_of("\t\" ", spos );
+ // skip quoted whitespaces
+ while ( limitString[tmppos] == '"' && limitString[tmppos-1] != '\\')
+ {
+ tmppos = extractAlcToken( limitString, tmppos, true );
+ tmppos = limitString.find_first_of("\t\" ", tmppos+1 );
+ }
+ m_selector = limitString.substr(spos, tmppos-spos );
+ log_it(SLAPD_LOG_DEBUG, "selector: <"+m_selector+">" );
+
+ // now the list of <limits> follows
+ spos = tmppos;
+ if ( spos != std::string::npos )
+ {
+ spos = limitString.find_first_not_of("\t ", spos );
+ }
+ while ( spos != std::string::npos )
+ {
+ tmppos = extractAlcToken( limitString, spos, false );
+ std::string tmp = limitString.substr( spos, tmppos-spos );
+ log_it(SLAPD_LOG_DEBUG, "limit: <"+tmp+">" );
+ std::string::size_type delimpos = tmp.find( '=' );
+ if ( delimpos == std::string::npos )
+ {
+ throw std::runtime_error( "error while parsing limits statement" );
+ }
+ m_limits.push_back( make_pair(tmp.substr(0, delimpos), tmp.substr( delimpos+1 ) ));
+ if ( tmppos != std::string::npos )
+ {
+ spos = limitString.find_first_not_of("\t ", tmppos+1 );
+ }
+ else
+ {
+ break;
+ }
+ }
+}
+
+void OlcLimits::setSelector( const std::string &value )
+{
+ m_selector = value;
+}
+
+void OlcLimits::setLimits ( const pairlist &value )
+{
+ m_limits = value;
+}
+
+std::string OlcLimits::getSelector() const
+{
+ return m_selector;
+}
+
+pairlist OlcLimits::getLimits() const
+{
+ return m_limits;
+}
+
+std::string OlcLimits::toLimitsString() const
+{
+ std::ostringstream limitStr;
+ limitStr << m_selector;
+
+ pairlist::const_iterator i;
+ for ( i=m_limits.begin(); i != m_limits.end(); i++ )
+ {
+ limitStr << " " << i->first << "=" << i->second ;
+ }
+ return limitStr.str();
+}
+
const std::string OlcSyncRepl::RID="rid";
const std::string OlcSyncRepl::PROVIDER="provider";
const std::string OlcSyncRepl::BASE="searchbase";
@@ -1315,6 +1395,54 @@
}
}
+bool OlcDatabase::getLimits(OlcLimitList &limitList) const
+{
+ const LDAPAttribute* limitsAttr = m_dbEntryChanged.getAttributeByName("olcLimits");
+ log_it(SLAPD_LOG_INFO, "OlcDatabase::getLimits()");
+ limitList.clear();
+ bool ret = true;
+ if ( limitsAttr )
+ {
+ StringList values = limitsAttr->getValues();
+ StringList::const_iterator i;
+ for ( i = values.begin(); i != values.end(); i++ )
+ {
+ log_it(SLAPD_LOG_DEBUG, "limits VALUE: " + *i );
+ std::string limitString;
+ splitIndexFromString( *i, limitString );
+ try {
+ boost::shared_ptr<OlcLimits> limit( new OlcLimits(limitString) );
+ limitList.push_back(limit);
+ }
+ catch ( std::runtime_error e )
+ {
+ log_it(SLAPD_LOG_INFO, "Can't parse Limit");
+ log_it(SLAPD_LOG_INFO, e.what() );
+ limitList.clear();
+ ret = false;
+ break;
+ }
+ }
+ }
+ else
+ {
+ log_it(SLAPD_LOG_INFO, "no limit set");
+ }
+ return ret;
+}
+
+void OlcDatabase::replaceLimits( const OlcLimitList& limits )
+{
+ this->setStringValue( "olcLimits", "" );
+ OlcLimitList::const_iterator i;
+ int j = 0;
+
+ for ( i = limits.begin(); i != limits.end(); i++ )
+ {
+ this->addIndexedStringValue( "olcLimits", (*i)->toLimitsString(), j );
+ j++;
+ }
+}
OlcSyncReplList OlcDatabase::getSyncRepl() const
{
Modified: branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.h
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.h?rev=59939&r1=59938&r2=59939&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.h (original)
+++ branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.h Thu Dec 3 16:53:02 2009
@@ -232,6 +232,25 @@
OlcAclByList m_byList;
};
+typedef std::list