Comments

9 Comments

A PKI test raises https://pagure.io/389-ds-base/issue/49319.

389-ds-base-1.3.5.17-3.fc25 is missing backport of https://pagure.io/389-ds-base/issue/49209

That is correct, I was running FreeIPA 4.4, that explains existence of 'dirsrv' user

Just for info from a f25 (where freeipa was configured) before 389-ds upgrade, I am seeing 'dirsrv' user

[root@vm1 ~]# rpm -q 389-ds-base
389-ds-base-1.3.5.16-1.fc25.x86_64
[root@vm1 ~]# getent passwd dirsrv
dirsrv:x:389:389:389-ds-base:/usr/share/dirsrv:/sbin/nologin
karma

Tests of freeipa are successful with nss-3.24.0-1.2.fc24.x86_64

Test on F23 - Freeipa 4.3.1 - DS 1.3.5.4.1

Freeipa already installed upgrade nss-3.23->nss-3.24.0-1.2.fc24.x86_64 restart DS instance --> nss is correctly initialize nss, LDAPS working (636)

Freeipa full install with nss-3.24.0-1.2.fc24.x86_64 Installation complete successfully restart DS instance --> nss is correctly initialize nss, LDAPS working (636)

BZ#1342158 nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails
karma

Have done some successfull basics tests (install/uninstall , provision/update/authenticate with entries)

karma

Installation of IPA fails with nss-3-24 because 389-ds fails to initialize nss that no longer support sslV2 (https://fedorahosted.org/389/ticket/48866)

The same installation works with nss-3.23

Breaks F24 but all releases where nss-3.23 is targeted (F23 and F22 ?)

Successful run freeipa tests on F23

Testing this version with freeipa tests. It creates more failures vs 1.3.4.6-1

1.3.4.6-1
======= 30 failed, 2201 passed, 899 skipped, 484 error in 434.95 seconds =======

1.3.4.7
====== 108 failed, 2086 passed, 892 skipped, 531 error in 417.30 seconds =======

These errors in errors log:

[26/Jan/2016:18:35:11 +0100] get_ranges - [file ipa_sidgen_common.c, line 276]: Failed to convert LDAP entry to range struct.
[26/Jan/2016:18:35:11 +0100] ipa_sidgen_add_post_op - [file ipa_sidgen.c, line 140]: Failed to get ID ranges.
[26/Jan/2016:18:35:11 +0100] NSMMReplicationPlugin - process_postop: Failed to apply update () error (1).  Aborting replication session(conn=1692 op=5)

Also was enable to connect over ldapi

Tested for weeks for performance. No problem