[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Continuous mode (ldapmodify -c) not working
On Mon, Jan 21, 2013 at 1:09 PM, Michael Ströder <michael@stroeder.com> wrote:
> Ori Bani wrote:
>> On Mon, Jan 21, 2013 at 12:50 PM, Michael Ströder <michael@stroeder.com> wrote:
>>> Ori Bani wrote:
>>>> On Mon, Jan 21, 2013 at 12:42 PM, Michael Ströder <michael@stroeder.com> wrote:
>>>>> Ori Bani wrote:
>>>>>> Thanks so much for the reply. Can you please clarify --
>>>>>>
>>>>>>>> Am I doing something wrong? Here is an example:
>>>>>>>>
>>>>>>>> $ ldapmodify -c -x -D 'cn=config' -W
>>>>>>>> Enter LDAP Password: <password>
>>>>>>>> dn: olcDatabase={0}config,cn=config
>>>>>>>> changetype: modify
>>>>>>>> delete: olcSizeLimit
>>>>>>>> -
>>>>>>>> modifying entry "olcDatabase={0}config,cn=config"
>>>>>>>> ldap_modify: No such attribute (16)
>>>>>>>> additional info: modify/delete: olcSizeLimit: no such attribute
>>>>>>>
>>>>>>> Option -c does not mean that you can override any server-side checking. It
>>>>>>> just means that processing the LDIF input is continued.
>>>>>>>
>>>>>>> In your case entry olcDatabase={0}config,cn=config simply does not contain
>>>>>>> attribute 'olcSizeLimit' which is what the error message says.
>>>>>>
>>>>>> I'd be fine if that was the case, but I'm not seeing it work as you
>>>>>> suggest (processing does NOT continue). Surely I'm doing something
>>>>>> wrong. Here is an example of a situation where the subsequest action
>>>>>> in the LDIF is ignored after the error:
>>>>>>
>>>>>> $ ldapmodify -c -x -D 'cn=config' -W
>>>>>> Enter LDAP Password: <password>
>>>>>> dn: olcDatabase={0}config,cn=config
>>>>>> changetype: modify
>>>>>> delete: olcSizeLimit
>>>>>> -
>>>>>> add: olcSizeLimit
>>>>>> olcSizeLimit: 250
>>>>>> -
>>>>>> modifying entry "olcDatabase={0}config,cn=config"
>>>>>> ldap_modify: No such attribute (16)
>>>>>> additional info: modify/delete: olcSizeLimit: no such attribute
>>>>>
>>>>> Why don't you just use this if attribute 'olcSizeLimit' is not in
>>>>> the entry yet?
>>>>
>>>> Part of an automated system.
>>>
>>> Then fix that system.
>>
>> Spare the snide comments.
>
> This was good advice and not a snide comment.
OK. But I hope you can see how that can be read both ways. Because I
am clearly already trying to create that system in the correct way
(i.e., "fix" it), the comment could only be interpreted as snide. I
just hope we can interact with common respect here.
>>>> If -c worked as the man page states,
>>>> this should not be a problem.
>>>
>>> You misinterpret completely what the man page says about option -c.
>>
>> It's easy to interpret it as I have given the vague quality of the man page.
>>
>> -c Continuous operation mode. Errors are reported, but ldapmodify will
>> continue with modifications. The default is to exit
>> after reporting
>> an error.
>>
>> It says nothing about *where* it will continue. Next line, next
>> entry, what? As I've said in my last email, by trial and error, I
>> determined that it continues with the next entry.
>
> Well, because of the LDAP functional model a single LDAP write operation will
> completely succeed or completely fail. And a single LDIF change record piped
> to ldapmodify will result in a *single* write operation.
OK, thank you for the good explanation. I'm not sure if there would
be a better way to encapsulate that into the man page or not.
>>> Read RFC 2849 about how LDIF is structured. And then understand that your LDIF
>>> change record leads to a *single* modify request which obviously fails because
>>> of 'olcSizeLimit' not existing (which is a feature not a bug).
>>
>> Is your answer to all OpenLDAP users coming here for assistance really
>> to read the RFC to clarify vague man pages and other
>> misunderstandings?
>
> If you're aim is to write an automated system - as you wrote before - you have
> to understand how LDIF input data is structured and how LDAP operations are
> processed. Reading RFCs is simply helpful for understanding. So this is simply
> meant as good advice.
Appreciated. Thanks again for being generous with your time.