>From 7724f2350a25e92b70590d8e5203f08b5db4136e Mon Sep 17 00:00:00 2001 From: Nathan Kinder <nkinder@xxxxxxxxxx> Date: Tue, 15 Dec 2009 12:29:26 -0800 Subject: [PATCH] Bug 518084 - Fix out of order retro changelog entries When using the retro changelog plugin, post-op plugins that perform internal operations (such as memberOf) can result in the internal operation preceeding the original operation in the changelog. The fix is to give the retro changelog a higher precedence than the other post-op plugins. This required some core server changes to be made around the plugin precedence to allow an object plugin to pass it's precedence into it's calls to slapi_register_plugin() when it registers other plugin types. I added an update LDIF to set the plugin precedence when running "setup-ds.pl -u". I also noticed an AVC when restarting after the update due to the schema.bak directory that is created. I've adjusted the dirsrv SELinux policy to deal with this AVC. --- Makefile.am | 1 + ldap/admin/src/scripts/50retroclprecedence.ldif | 4 ++++ ldap/ldif/template-dse.ldif.in | 1 + ldap/servers/plugins/retrocl/retrocl.c | 9 ++++++--- ldap/servers/slapd/pblock.c | 6 ++++++ ldap/servers/slapd/plugin.c | 23 ++++++++++++++++++++--- ldap/servers/slapd/slapi-plugin.h | 4 ++++ selinux/dirsrv.te | 1 + 8 files changed, 43 insertions(+), 6 deletions(-) create mode 100644 ldap/admin/src/scripts/50retroclprecedence.ldif diff --git a/Makefile.am b/Makefile.am index dbab95e..8a1344a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -425,6 +425,7 @@ update_DATA = ldap/admin/src/scripts/exampleupdate.pl \ ldap/admin/src/scripts/50linkedattrsplugin.ldif \ ldap/admin/src/scripts/50usnplugin.ldif \ ldap/admin/src/scripts/50smd5pwdstorageplugin.ldif \ + ldap/admin/src/scripts/50retroclprecedence.ldif \ ldap/admin/src/scripts/60upgradeschemafiles.pl \ ldap/admin/src/scripts/dnaplugindepends.ldif diff --git a/ldap/admin/src/scripts/50retroclprecedence.ldif b/ldap/admin/src/scripts/50retroclprecedence.ldif new file mode 100644 index 0000000..2faf329 --- /dev/null +++ b/ldap/admin/src/scripts/50retroclprecedence.ldif @@ -0,0 +1,4 @@ +dn: cn=Retro Changelog Plugin,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginPrecedence +nsslapd-pluginPrecedence: 25 diff --git a/ldap/ldif/template-dse.ldif.in b/ldap/ldif/template-dse.ldif.in index 7bcb48a..2145abc 100644 --- a/ldap/ldif/template-dse.ldif.in +++ b/ldap/ldif/template-dse.ldif.in @@ -568,6 +568,7 @@ nsslapd-pluginpath: libretrocl-plugin nsslapd-plugininitfunc: retrocl_plugin_init nsslapd-plugintype: object nsslapd-pluginenabled: off +nsslapd-pluginprecedence: 25 nsslapd-plugin-depends-on-type: database nsslapd-plugin-depends-on-named: Class of Service diff --git a/ldap/servers/plugins/retrocl/retrocl.c b/ldap/servers/plugins/retrocl/retrocl.c index f598e3d..4e9ca84 100644 --- a/ldap/servers/plugins/retrocl/retrocl.c +++ b/ldap/servers/plugins/retrocl/retrocl.c @@ -375,20 +375,23 @@ retrocl_plugin_init(Slapi_PBlock *pb) { static int legacy_initialised= 0; int rc = 0; + int precedence = 0; void *identity = NULL; slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &identity); PR_ASSERT (identity); g_plg_identity[PLUGIN_RETROCL] = identity; + + slapi_pblock_get( pb, SLAPI_PLUGIN_PRECEDENCE, &precedence ); if (!legacy_initialised) { rc= slapi_pblock_set( pb, SLAPI_PLUGIN_VERSION, SLAPI_PLUGIN_VERSION_01 ); rc= slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION, (void *)&retrocldesc ); rc= slapi_pblock_set( pb, SLAPI_PLUGIN_START_FN, (void *) retrocl_start ); rc= slapi_pblock_set( pb, SLAPI_PLUGIN_CLOSE_FN, (void *) retrocl_stop ); - - rc= slapi_register_plugin("postoperation", 1 /* Enabled */, "retrocl_postop_init", retrocl_postop_init, "Retrocl postoperation plugin", NULL, identity); - rc= slapi_register_plugin("internalpostoperation", 1 /* Enabled */, "retrocl_internalpostop_init", retrocl_internalpostop_init, "Retrocl internal postoperation plugin", NULL, identity); + + rc= slapi_register_plugin_ext("postoperation", 1 /* Enabled */, "retrocl_postop_init", retrocl_postop_init, "Retrocl postoperation plugin", NULL, identity, precedence); + rc= slapi_register_plugin_ext("internalpostoperation", 1 /* Enabled */, "retrocl_internalpostop_init", retrocl_internalpostop_init, "Retrocl internal postoperation plugin", NULL, identity, precedence); } legacy_initialised = 1; diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c index da6ed8d..599f7c5 100644 --- a/ldap/servers/slapd/pblock.c +++ b/ldap/servers/slapd/pblock.c @@ -460,6 +460,9 @@ slapi_pblock_get( Slapi_PBlock *pblock, int arg, void *value ) case SLAPI_PLUGIN_VERSION: (*(char **)value) = pblock->pb_plugin->plg_version; break; + case SLAPI_PLUGIN_PRECEDENCE: + (*(int *)value) = pblock->pb_plugin->plg_precedence; + break; case SLAPI_PLUGIN_OPRETURN: (*(int *)value) = pblock->pb_opreturn; break; @@ -1779,6 +1782,9 @@ slapi_pblock_set( Slapi_PBlock *pblock, int arg, void *value ) case SLAPI_PLUGIN_VERSION: pblock->pb_plugin->plg_version = (char *) value; break; + case SLAPI_PLUGIN_PRECEDENCE: + pblock->pb_plugin->plg_precedence = (char *) value; + break; case SLAPI_PLUGIN_OPRETURN: pblock->pb_opreturn = *((int *) value); break; diff --git a/ldap/servers/slapd/plugin.c b/ldap/servers/slapd/plugin.c index 1664cc1..24f66b9 100644 --- a/ldap/servers/slapd/plugin.c +++ b/ldap/servers/slapd/plugin.c @@ -241,15 +241,31 @@ add_plugin_entry_dn(const Slapi_DN *plugin_dn) */ int slapi_register_plugin( - const char *plugintype, + const char *plugintype, int enabled, const char *initsymbol, slapi_plugin_init_fnptr initfunc, - const char *name, - char **argv, + const char *name, + char **argv, void *group_identity ) { + return slapi_register_plugin_ext(plugintype, enabled, initsymbol, + initfunc, name, argv, group_identity, PLUGIN_DEFAULT_PRECEDENCE); +} + +int +slapi_register_plugin_ext( + const char *plugintype, + int enabled, + const char *initsymbol, + slapi_plugin_init_fnptr initfunc, + const char *name, + char **argv, + void *group_identity, + int precedence +) +{ int ii = 0; int rc = 0; Slapi_Entry *e = slapi_entry_alloc(); @@ -263,6 +279,7 @@ slapi_register_plugin( slapi_entry_attr_set_charptr(e, ATTR_PLUGIN_ENABLED, "off"); slapi_entry_attr_set_charptr(e, ATTR_PLUGIN_INITFN, initsymbol); + slapi_entry_attr_set_int(e, ATTR_PLUGIN_PRECEDENCE, precedence); for (ii = 0; argv && argv[ii]; ++ii) { char argname[64]; diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h index 09f18e7..eaac18d 100644 --- a/ldap/servers/slapd/slapi-plugin.h +++ b/ldap/servers/slapd/slapi-plugin.h @@ -2616,6 +2616,9 @@ int slapi_register_plugin( const char *plugintype, int enabled, const char *initsymbol, slapi_plugin_init_fnptr initfunc, const char *name, char **argv, void *group_identity); +int slapi_register_plugin_ext( const char *plugintype, int enabled, + const char *initsymbol, slapi_plugin_init_fnptr initfunc, + const char *name, char **argv, void *group_identity, int precedence); /* * logging @@ -3130,6 +3133,7 @@ typedef struct slapi_plugindesc { } Slapi_PluginDesc; #define SLAPI_PLUGIN_IDENTITY 13 +#define SLAPI_PLUGIN_PRECEDENCE 14 /* common for internal plugin_ops */ #define SLAPI_PLUGIN_INTOP_RESULT 15 diff --git a/selinux/dirsrv.te b/selinux/dirsrv.te index 1880e6f..ddcc2f1 100644 --- a/selinux/dirsrv.te +++ b/selinux/dirsrv.te @@ -123,6 +123,7 @@ files_lock_filetrans(dirsrv_t, dirsrv_var_lock_t, { file }) # config files manage_files_pattern(dirsrv_t, dirsrv_config_t, dirsrv_config_t) +manage_dirs_pattern(dirsrv_t, dirsrv_config_t, dirsrv_config_t) # tmp files manage_files_pattern(dirsrv_t, dirsrv_tmp_t, dirsrv_tmp_t) -- 1.6.2.5
-- 389-devel mailing list 389-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel