Re: [389-devel] Please Review: (518084) Fix out of order retro change log records

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I've attached a revised patch.  Noriko caught an issue where I was casting the precedence to the wrong type in slapi_pblock_set().  I had missed this in testing since I don't actuall call slapi_pblock_set() to set the precedence in the server code, but wanted to supply that capability to plugins.

On 12/15/2009 12:33 PM, Nathan Kinder wrote: 


--
389-devel mailing list
389-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-devel
  

>From 9a260929851e7d4d45e57eeac511186d1c9e2ec0 Mon Sep 17 00:00:00 2001
From: Nathan Kinder <nkinder@xxxxxxxxxx>
Date: Tue, 15 Dec 2009 12:54:24 -0800
Subject: [PATCH] Bug 518084 - Fix out of order retro changelog entries

When using the retro changelog plugin, post-op plugins that perform
internal operations (such as memberOf) can result in the internal
operation preceeding the original operation in the changelog.

The fix is to give the retro changelog a higher precedence than the
other post-op plugins.  This required some core server changes to
be made around the plugin precedence to allow an object plugin to
pass it's precedence into it's calls to slapi_register_plugin()
when it registers other plugin types.

I added an update LDIF to set the plugin precedence when running
"setup-ds.pl -u".  I also noticed an AVC when restarting after the
update due to the schema.bak directory that is created.  I've
adjusted the dirsrv SELinux policy to deal with this AVC.
---
 Makefile.am                                     |    1 +
 ldap/admin/src/scripts/50retroclprecedence.ldif |    4 ++++
 ldap/ldif/template-dse.ldif.in                  |    1 +
 ldap/servers/plugins/retrocl/retrocl.c          |    9 ++++++---
 ldap/servers/slapd/pblock.c                     |    6 ++++++
 ldap/servers/slapd/plugin.c                     |   23 ++++++++++++++++++++---
 ldap/servers/slapd/slapi-plugin.h               |    4 ++++
 selinux/dirsrv.te                               |    1 +
 8 files changed, 43 insertions(+), 6 deletions(-)
 create mode 100644 ldap/admin/src/scripts/50retroclprecedence.ldif

diff --git a/Makefile.am b/Makefile.am
index dbab95e..8a1344a 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -425,6 +425,7 @@ update_DATA = ldap/admin/src/scripts/exampleupdate.pl \
 	ldap/admin/src/scripts/50linkedattrsplugin.ldif \
 	ldap/admin/src/scripts/50usnplugin.ldif \
 	ldap/admin/src/scripts/50smd5pwdstorageplugin.ldif \
+	ldap/admin/src/scripts/50retroclprecedence.ldif \
 	ldap/admin/src/scripts/60upgradeschemafiles.pl \
 	ldap/admin/src/scripts/dnaplugindepends.ldif
 
diff --git a/ldap/admin/src/scripts/50retroclprecedence.ldif b/ldap/admin/src/scripts/50retroclprecedence.ldif
new file mode 100644
index 0000000..2faf329
--- /dev/null
+++ b/ldap/admin/src/scripts/50retroclprecedence.ldif
@@ -0,0 +1,4 @@
+dn: cn=Retro Changelog Plugin,cn=plugins,cn=config
+changetype: modify
+replace: nsslapd-pluginPrecedence
+nsslapd-pluginPrecedence: 25
diff --git a/ldap/ldif/template-dse.ldif.in b/ldap/ldif/template-dse.ldif.in
index 7bcb48a..2145abc 100644
--- a/ldap/ldif/template-dse.ldif.in
+++ b/ldap/ldif/template-dse.ldif.in
@@ -568,6 +568,7 @@ nsslapd-pluginpath: libretrocl-plugin
 nsslapd-plugininitfunc: retrocl_plugin_init
 nsslapd-plugintype: object
 nsslapd-pluginenabled: off
+nsslapd-pluginprecedence: 25
 nsslapd-plugin-depends-on-type: database
 nsslapd-plugin-depends-on-named: Class of Service
 
diff --git a/ldap/servers/plugins/retrocl/retrocl.c b/ldap/servers/plugins/retrocl/retrocl.c
index f598e3d..4e9ca84 100644
--- a/ldap/servers/plugins/retrocl/retrocl.c
+++ b/ldap/servers/plugins/retrocl/retrocl.c
@@ -375,20 +375,23 @@ retrocl_plugin_init(Slapi_PBlock *pb)
 {
   	static int legacy_initialised= 0;
     	int rc = 0;
+	int precedence = 0;
 	void *identity = NULL;
 
 	slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &identity);
 	PR_ASSERT (identity);
 	g_plg_identity[PLUGIN_RETROCL] = identity;
+
+	slapi_pblock_get( pb, SLAPI_PLUGIN_PRECEDENCE, &precedence );
     
 	if (!legacy_initialised) {
 	  rc= slapi_pblock_set( pb, SLAPI_PLUGIN_VERSION, SLAPI_PLUGIN_VERSION_01 );
 	  rc= slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION, (void *)&retrocldesc );
 	  rc= slapi_pblock_set( pb, SLAPI_PLUGIN_START_FN, (void *) retrocl_start );
 	  rc= slapi_pblock_set( pb, SLAPI_PLUGIN_CLOSE_FN, (void *) retrocl_stop );
-	  
-	  rc= slapi_register_plugin("postoperation", 1 /* Enabled */, "retrocl_postop_init", retrocl_postop_init, "Retrocl postoperation plugin", NULL, identity);
-	  rc= slapi_register_plugin("internalpostoperation", 1 /* Enabled */, "retrocl_internalpostop_init", retrocl_internalpostop_init, "Retrocl internal postoperation plugin", NULL, identity);
+
+	  rc= slapi_register_plugin_ext("postoperation", 1 /* Enabled */, "retrocl_postop_init", retrocl_postop_init, "Retrocl postoperation plugin", NULL, identity, precedence);
+	  rc= slapi_register_plugin_ext("internalpostoperation", 1 /* Enabled */, "retrocl_internalpostop_init", retrocl_internalpostop_init, "Retrocl internal postoperation plugin", NULL, identity, precedence);
 	}
 	
     legacy_initialised = 1;
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index da6ed8d..8880377 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -460,6 +460,9 @@ slapi_pblock_get( Slapi_PBlock *pblock, int arg, void *value )
 	case SLAPI_PLUGIN_VERSION:
 		(*(char **)value) = pblock->pb_plugin->plg_version;
 		break;
+	case SLAPI_PLUGIN_PRECEDENCE:
+		(*(int *)value) = pblock->pb_plugin->plg_precedence;
+		break;
 	case SLAPI_PLUGIN_OPRETURN:
 		(*(int *)value) = pblock->pb_opreturn;
 		break;
@@ -1779,6 +1782,9 @@ slapi_pblock_set( Slapi_PBlock *pblock, int arg, void *value )
 	case SLAPI_PLUGIN_VERSION:
 		pblock->pb_plugin->plg_version = (char *) value;
 		break;
+	case SLAPI_PLUGIN_PRECEDENCE:
+		pblock->pb_plugin->plg_precedence = *((int *) value;
+		break;
 	case SLAPI_PLUGIN_OPRETURN:
 		pblock->pb_opreturn = *((int *) value);
 		break;
diff --git a/ldap/servers/slapd/plugin.c b/ldap/servers/slapd/plugin.c
index 1664cc1..24f66b9 100644
--- a/ldap/servers/slapd/plugin.c
+++ b/ldap/servers/slapd/plugin.c
@@ -241,15 +241,31 @@ add_plugin_entry_dn(const Slapi_DN *plugin_dn)
  */
 int
 slapi_register_plugin(
-    const char *plugintype,
+	const char *plugintype,
 	int enabled,
 	const char *initsymbol,
 	slapi_plugin_init_fnptr initfunc,
-	const char *name, 
-    char **argv,
+	const char *name,
+	char **argv,
 	void *group_identity
 )
 {
+	return slapi_register_plugin_ext(plugintype, enabled, initsymbol,
+			initfunc, name, argv, group_identity, PLUGIN_DEFAULT_PRECEDENCE);
+}
+
+int
+slapi_register_plugin_ext(
+	const char *plugintype,
+	int enabled,
+	const char *initsymbol,
+	slapi_plugin_init_fnptr initfunc,
+	const char *name, 
+	char **argv,
+	void *group_identity,
+	int precedence
+)
+{
 	int ii = 0;
     int rc = 0;
 	Slapi_Entry *e = slapi_entry_alloc();
@@ -263,6 +279,7 @@ slapi_register_plugin(
 		slapi_entry_attr_set_charptr(e, ATTR_PLUGIN_ENABLED, "off");
 
 	slapi_entry_attr_set_charptr(e, ATTR_PLUGIN_INITFN, initsymbol);
+	slapi_entry_attr_set_int(e, ATTR_PLUGIN_PRECEDENCE, precedence);
 
 	for (ii = 0; argv && argv[ii]; ++ii) {
 		char argname[64];
diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h
index 09f18e7..eaac18d 100644
--- a/ldap/servers/slapd/slapi-plugin.h
+++ b/ldap/servers/slapd/slapi-plugin.h
@@ -2616,6 +2616,9 @@ int slapi_register_plugin( const char *plugintype, int enabled,
 	const char *initsymbol, slapi_plugin_init_fnptr initfunc,
 	const char *name, char **argv, void *group_identity);
 
+int slapi_register_plugin_ext( const char *plugintype, int enabled,
+	const char *initsymbol, slapi_plugin_init_fnptr initfunc,
+	const char *name, char **argv, void *group_identity, int precedence);
 
 /*
  * logging
@@ -3130,6 +3133,7 @@ typedef struct slapi_plugindesc {
 } Slapi_PluginDesc;
 
 #define SLAPI_PLUGIN_IDENTITY                   13
+#define SLAPI_PLUGIN_PRECEDENCE			14
 
 /* common for internal plugin_ops */
 #define SLAPI_PLUGIN_INTOP_RESULT		15
diff --git a/selinux/dirsrv.te b/selinux/dirsrv.te
index 1880e6f..ddcc2f1 100644
--- a/selinux/dirsrv.te
+++ b/selinux/dirsrv.te
@@ -123,6 +123,7 @@ files_lock_filetrans(dirsrv_t, dirsrv_var_lock_t, { file })
 
 # config files
 manage_files_pattern(dirsrv_t, dirsrv_config_t, dirsrv_config_t)
+manage_dirs_pattern(dirsrv_t, dirsrv_config_t, dirsrv_config_t)
 
 # tmp files
 manage_files_pattern(dirsrv_t, dirsrv_tmp_t, dirsrv_tmp_t)
-- 
1.6.2.5


--
389-devel mailing list
389-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-devel
[Index of Archives]     [Fedora Directory Announce]     [Fedora Users]     [Older Fedora Users Mail]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Review]     [Fedora Art]     [Fedora Music]     [Fedora Packaging]     [CentOS]     [Fedora SELinux]     [Big List of Linux Books]     [KDE Users]     [Fedora Art]     [Fedora Docs]

  Powered by Linux