thierry bordaz
2021-03-26 09:51:59 UTC
Hi Marco,
I agree with you that the command setting the attributes to the same
existing values should not fail.
Output could differ from "Successfully changed ..." to let us know that
no MOD were applied but IMHO it should succeeds as well.
Please would you open a new bug
(https://github.com/389ds/389-ds-base/issues/new/choose) ?
regards
thierry
389-users mailing list -- 389-***@lists.fedoraproject.org
To unsubscribe send an email to 389-users-***@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-***@lists.fedoraproject.org
Do not reply to spam on the list, report it: http
I agree with you that the command setting the attributes to the same
existing values should not fail.
Output could differ from "Successfully changed ..." to let us know that
no MOD were applied but IMHO it should succeeds as well.
Please would you open a new bug
(https://github.com/389ds/389-ds-base/issues/new/choose) ?
regards
thierry
Hello,
I like to use [dsconf](https://directory.fedoraproject.org/docs/389ds/design/dsadm-dsconf.html) to manage my 389ds instances.
I like also Ansible to manage the configuration. From Ansible, if I run dsconf command I see some problems of idempotency.
For example, if I run the first time in a new fresh installation
```
dsconf -D cn=Directory Manager -w ****
ldap://localhost:389 plugin attr-uniq set attribute
uniqueness --subtree=c=en --enabled=on --attr-name=uid
--across-all-subtrees=off
```
it returns 0 and the output
*There is nothing to set in the cn=attribute
uniqueness,cn=plugins,cn=config plugin entry*
and the exit status is 1.
Of course I can manage the output in Ansible in order to reclassify as well the task result. But I have to do that in a lot of cases (best effort).
Of course I can use some idempotent ldapmodify module, but I like to trust `dsconf`.
So I wonder if you could consider the benefit to make `dsconf` more idempotent.
For instance, in the above case the exit status could be 0. The same behavior could be adopted in all results of "already exists" output messages when the value to set is equal to the value already present (ie: `dsconf -D cn=Directory Manager -w *** ldap://localhost:389 backend index add ...` returns "already exists" and the exit status 1 if the idex is already defined)
If you have any other hints to address this problem could let me know.
Thank you very much
Kind Regards
Marco
_______________________________________________
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
_______________________________________________I like to use [dsconf](https://directory.fedoraproject.org/docs/389ds/design/dsadm-dsconf.html) to manage my 389ds instances.
I like also Ansible to manage the configuration. From Ansible, if I run dsconf command I see some problems of idempotency.
For example, if I run the first time in a new fresh installation
```
dsconf -D cn=Directory Manager -w ****
ldap://localhost:389 plugin attr-uniq set attribute
uniqueness --subtree=c=en --enabled=on --attr-name=uid
--across-all-subtrees=off
```
it returns 0 and the output
*There is nothing to set in the cn=attribute
uniqueness,cn=plugins,cn=config plugin entry*
and the exit status is 1.
Of course I can manage the output in Ansible in order to reclassify as well the task result. But I have to do that in a lot of cases (best effort).
Of course I can use some idempotent ldapmodify module, but I like to trust `dsconf`.
So I wonder if you could consider the benefit to make `dsconf` more idempotent.
For instance, in the above case the exit status could be 0. The same behavior could be adopted in all results of "already exists" output messages when the value to set is equal to the value already present (ie: `dsconf -D cn=Directory Manager -w *** ldap://localhost:389 backend index add ...` returns "already exists" and the exit status 1 if the idex is already defined)
If you have any other hints to address this problem could let me know.
Thank you very much
Kind Regards
Marco
_______________________________________________
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
389-users mailing list -- 389-***@lists.fedoraproject.org
To unsubscribe send an email to 389-users-***@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-***@lists.fedoraproject.org
Do not reply to spam on the list, report it: http