Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport][ipa-4-6] Add index and container for RFC 2307 IP services #2669

Closed
wants to merge 1 commit into from
Closed

[Backport][ipa-4-6] Add index and container for RFC 2307 IP services #2669

wants to merge 1 commit into from

Conversation

tiran
Copy link
Member

@tiran tiran commented Dec 11, 2018

This PR was opened automatically because PR #2661 was pushed to master and backport to ipa-4-6 is required.

@tiran
Add index and container for RFC 2307 IP services
f7734ed 
IPA doesn't officially support RFC 2307 IP services. However SSSD has a
nsswitch plugin to provide service lookups. The subtree search for
(&(ipserviceport=$PORT)(ipserviceprotocol=$SRV)(objectclass=ipservice)) in
cn=accounts,$SUFFIX has caused performance issues on large
installations.

This patch introduced a dedicated container
cn=ipservices,cn=accounts,$SUFFIX for IP services for future use or 3rd
party extensions. SSSD will be change its search base in an upcoming
release, too.

A new ipServicePort index is added to optimize searches for an IP
service by port. There is no index on ipServiceProtocol because the index
would have poor selectivity. An ipService entry has either 'tcp' or 'udp'
as protocol.

Fixes: https://pagure.io/freeipa/issue/7797
See: https://pagure.io/freeipa/issue/7786
Signed-off-by: Christian Heimes <cheimes@redhat.com>
@tiran tiran added the ack Pull Request approved, can be merged label Dec 11, 2018
@tiran
Copy link
Member Author

tiran commented Dec 11, 2018

PR was ACKed automatically because this is backport of PR #2661. Wait for CI to finish before pushing. In case of questions or problems contact @tiran who is author of the original PR.

@tiran tiran added the pushed Pull Request has already been pushed label Dec 13, 2018
@tiran
Copy link
Member Author

tiran commented Dec 13, 2018

ipa-4-6:

  • df606ff Add index and container for RFC 2307 IP services

@tiran tiran closed this Dec 13, 2018
@tiran tiran deleted the backport_pr2661_ipa-4-6 branch March 29, 2019 09:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
ack Pull Request approved, can be merged pushed Pull Request has already been pushed
Projects
None yet
Milestone
No milestone
1 participant
@tiran