On 03/15/2015 07:14 PM, William wrote:
Anyway, I think I'd need to look at the internals of the plugin at this
point to work out for sure what's going on.
Looks like someone already did this.
nsslapd-pluginAllowReplUpdates
It looks like there is no documentation about how this config value
works though: and the values it influences aren't widely through the
code so I can't confirm if it's a finished feature.
It is finished, and I will write a design document for it on the wiki
(port389.org).
If you set this on the plugin, to "on" (I think it defaults to off),
then on certain operations the integrity checks are bypassed on
replicated operations.
You can see this on line 726 of
ds/ldap/servers/plugins/referint/referint.c
Can someone confirm if how I'm interpreting this is correct, and if we
should open a documentation bug to get this documented?
So, by setting this to "on", it allows delete operations that come from
replication to be processed by the RI plugin. Usually the RI plugin
ignores replicated delete operations because it is assumed the supplier
replica has the RI plugin enabled, and it has already performed the
group cleanup(and those changes are replicated). So there is no need to
do it twice. However, there are some scenarios where the supplier might
NOT have enabled the RI plugin. In this case we do want the local RI
plugin to process the replicated delete operation, and this is where
this setting would come into play.
Mark
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
