Fixing this for upgrades from jessie to stretch requires a jessie update
as well, to dump out the databases upon remove.
The patches I intend to submit are attached. I would appreciate it a lot
if anyone reading this could take the time to review and try to point
out any edge cases I missed.
The changes are intentionally minimal. Some refactoring will probably be
in order, but that can wait for buster.
The intended paths are:
- standard upgrades from jessie to stretch should not dump/reload the
databases needlessly
- remove-upgrade-install from jessie to stretch with the ppolicy schema
installed should succeed: the config should be dumped before remove so
that it can be updated and reloaded in postinst
- upgrades from current jessie to stretch should still work
- if preinst fails after dumping in prerm (for example because the
ppolicy check decides a manual update is required), and the upgrade is
retried, the second prerm should dump again and the updated data
should be used for the upgrade
>From 9abb492428fd50f938a7596f72ce6b187a786787 Mon Sep 17 00:00:00 2001
From: Ryan Tandy <r...@nardis.ca>
Date: Sat, 8 Apr 2017 09:46:44 -0700
Subject: [PATCH] Dump databases in prerm (#665199)
---
debian/changelog | 3 +++
debian/slapd.preinst | 13 +++++++++++--
debian/slapd.prerm | 13 +++++++++++++
debian/slapd.scripts-common | 11 ++++++++++-
4 files changed, 37 insertions(+), 3 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index d9e58a1..bd09165 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -34,6 +34,9 @@ openldap (2.4.44+dfsg-4) UNRELEASED; urgency=medium
Thanks to Trần Ngọc Quân.
* Update Build-Depends on debhelper to ensure shlibs files are installed at
the expected time during build. (Closes: #854158)
+ * Dump the configuration and databases to LDIF before removing slapd, so
+ that they are available if a newer version requiring migration is
+ installed later. (Closes: #665199)
-- Ryan Tandy <r...@nardis.ca> Sun, 08 Jan 2017 12:39:19 -0800
diff --git a/debian/slapd.preinst b/debian/slapd.preinst
index b9cc540..bceb901 100755
--- a/debian/slapd.preinst
+++ b/debian/slapd.preinst
@@ -97,11 +97,20 @@ preinst_check_config() { # {{{
# slapcat out the data so we can use it in postinst to do the upgrade
if [ "$MODE" = upgrade ]; then
- dump_config
+ # Dump config if not already done in prerm
+ dump_config if_needed
+fi
+
+if [ "$MODE" = upgrade ] || [ "$MODE" = install -a -n "$OLD_VERSION" ]; then
+ # Do not assume slapcat is available in this phase
if [ -d "$SLAPD_CONF" ]; then
preinst_check_config
fi
- dump_databases
+fi
+
+if [ "$MODE" = upgrade ]; then
+ # Dump databases if not already done in prerm
+ dump_databases if_needed
fi
#DEBHELPER#
diff --git a/debian/slapd.prerm b/debian/slapd.prerm
index 075342a..02895f6 100755
--- a/debian/slapd.prerm
+++ b/debian/slapd.prerm
@@ -4,8 +4,21 @@ set -e
. /usr/share/debconf/confmodule
+# This will be replaced with debian/slapd.scripts-common which includes
+# various helper functions and $OLD_VERSION and $SLAPD_CONF
+#SCRIPTSCOMMON#
+
#DEBHELPER#
+if [ "$MODE" = upgrade ] || [ "$MODE" = remove ]; then
+ # scripts-common sets OLD_VERSION incorrectly for prerm
+ OLD_VERSION="$(dpkg-query -W -f '${Version}' slapd)"
+
+ # Dump databases before the old slapcat binary is removed
+ dump_config
+ dump_databases
+fi
+
exit 0
# vim: set foldmethod=marker:
diff --git a/debian/slapd.scripts-common b/debian/slapd.scripts-common
index 7160d67..92bb141 100644
--- a/debian/slapd.scripts-common
+++ b/debian/slapd.scripts-common
@@ -164,6 +164,10 @@ dump_config() { # {{{
[ -d "$SLAPD_CONF" ] || return 0
dir="$(database_dumping_destdir)"
+
+ # Skip if we are in preinst and config was dumped in prerm
+ [ "$1" = if_needed ] && [ -f "$dir/cn=config.ldif" ] && return 0
+
echo "Saving current slapd configuration to $dir..." >&2
slapcat -F "$SLAPD_CONF" -n0 -l "$dir/cn=config.ldif"
}
@@ -174,7 +178,10 @@ dump_databases() { # {{{
local db suffix file dir failed
- database_dumping_enabled || return 0
+ # If the package is being removed, dump unconditionally as we
+ # don't know whether the next version will require reload.
+ # If the package is being upgraded, dump only if needed.
+ [ "$MODE" = remove ] || database_dumping_enabled || return 0
dir=`database_dumping_destdir`
echo >&2 " Dumping to $dir: "
@@ -182,6 +189,8 @@ dump_databases() { # {{{
dbdir=`get_directory "$suffix"`
if [ -n "$dbdir" ]; then
file="$dir/$suffix.ldif"
+ # Skip if we are in preinst and data was dumped in prerm
+ [ "$1" = if_needed ] && [ -f "$file" ] && continue
echo -n " - directory $suffix... " >&2
# Need to support slapd.d migration from preinst
if [ -f "${SLAPD_CONF}" ]; then
--
2.1.4
>From f6488fa375c1f55c429a601d13184af6c30d01fa Mon Sep 17 00:00:00 2001
From: Ryan Tandy <r...@nardis.ca>
Date: Sat, 8 Apr 2017 09:46:44 -0700
Subject: [PATCH] Dump databases in prerm (#665199)
---
debian/changelog | 8 ++++++++
debian/slapd.preinst | 6 +++++-
debian/slapd.prerm | 13 +++++++++++++
debian/slapd.scripts-common | 24 +++++++++++++++++++++++-
4 files changed, 49 insertions(+), 2 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index bbbfe30..2407c9f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+openldap (2.4.40+dfsg-1+deb8u3) UNRELEASED; urgency=medium
+
+ * Dump the configuration and databases to LDIF before removing slapd, so
+ that they are available if a newer version requiring migration is
+ installed later. (Closes: #665199)
+
+ -- Ryan Tandy <r...@nardis.ca> Sat, 08 Apr 2017 12:00:57 -0700
+
openldap (2.4.40+dfsg-1+deb8u2) jessie; urgency=medium
* debian/patches/ITS8003-fix-off-by-one-in-LDIF-length.patch: Import
diff --git a/debian/slapd.preinst b/debian/slapd.preinst
index f573631..7249e9e 100755
--- a/debian/slapd.preinst
+++ b/debian/slapd.preinst
@@ -12,7 +12,11 @@ set -e
# slapcat out the data so we can use it in postinst to do the upgrade
if [ "$MODE" = upgrade ]; then
- dump_databases
+ # Dump config if not already done in prerm
+ dump_config if_needed
+
+ # Dump databases if not already done in prerm
+ dump_databases if_needed
fi
#DEBHELPER#
diff --git a/debian/slapd.prerm b/debian/slapd.prerm
index 075342a..02895f6 100755
--- a/debian/slapd.prerm
+++ b/debian/slapd.prerm
@@ -4,8 +4,21 @@ set -e
. /usr/share/debconf/confmodule
+# This will be replaced with debian/slapd.scripts-common which includes
+# various helper functions and $OLD_VERSION and $SLAPD_CONF
+#SCRIPTSCOMMON#
+
#DEBHELPER#
+if [ "$MODE" = upgrade ] || [ "$MODE" = remove ]; then
+ # scripts-common sets OLD_VERSION incorrectly for prerm
+ OLD_VERSION="$(dpkg-query -W -f '${Version}' slapd)"
+
+ # Dump databases before the old slapcat binary is removed
+ dump_config
+ dump_databases
+fi
+
exit 0
# vim: set foldmethod=marker:
diff --git a/debian/slapd.scripts-common b/debian/slapd.scripts-common
index f56b3b1..c75eb1f 100644
--- a/debian/slapd.scripts-common
+++ b/debian/slapd.scripts-common
@@ -152,14 +152,34 @@ olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,c
echo "done." >&2
fi
}
+# }}}
+dump_config() { # {{{
+# Dump the cn=config database to the backup directory.
+# This is not the same as backup_config_once, which copies the slapd.d
+# directory verbatim.
+ local dir
+ [ -d "$SLAPD_CONF" ] || return 0
+
+ dir="$(database_dumping_destdir)"
+
+ # Skip if we are in preinst and config was dumped in prerm
+ [ "$1" = if_needed ] && [ -f "$dir/cn=config.ldif" ] && return 0
+
+ echo "Saving current slapd configuration to $dir..." >&2
+ slapcat -F "$SLAPD_CONF" -n0 -l "$dir/cn=config.ldif"
+}
+# }}}
dump_databases() { # {{{
# If the user wants us to dump the databases they are dumped to the
# configured directory.
local db suffix file dir failed
- database_dumping_enabled || return 0
+ # If the package is being removed, dump unconditionally as we
+ # don't know whether the next version will require reload.
+ # If the package is being upgraded, dump only if needed.
+ [ "$MODE" = remove ] || database_dumping_enabled || return 0
dir=`database_dumping_destdir`
echo >&2 " Dumping to $dir: "
@@ -167,6 +187,8 @@ dump_databases() { # {{{
dbdir=`get_directory "$suffix"`
if [ -n "$dbdir" ]; then
file="$dir/$suffix.ldif"
+ # Skip if we are in preinst and data was dumped in prerm
+ [ "$1" = if_needed ] && [ -f "$file" ] && continue
echo -n " - directory $suffix... " >&2
# Need to support slapd.d migration from preinst
if [ -f "${SLAPD_CONF}" ]; then
--
2.1.4
