On Mon, Jan 21, 2013 at 12:50 PM, Michael Ströder michael@stroeder.com wrote:
Ori Bani wrote:
On Mon, Jan 21, 2013 at 12:42 PM, Michael Ströder michael@stroeder.com wrote:
Ori Bani wrote:
Thanks so much for the reply. Can you please clarify --
Am I doing something wrong? Here is an example:
$ ldapmodify -c -x -D 'cn=config' -W Enter LDAP Password: <password> dn: olcDatabase={0}config,cn=config changetype: modify delete: olcSizeLimit
modifying entry "olcDatabase={0}config,cn=config" ldap_modify: No such attribute (16) additional info: modify/delete: olcSizeLimit: no such attribute
Option -c does not mean that you can override any server-side checking. It just means that processing the LDIF input is continued.
In your case entry olcDatabase={0}config,cn=config simply does not contain attribute 'olcSizeLimit' which is what the error message says.
I'd be fine if that was the case, but I'm not seeing it work as you suggest (processing does NOT continue). Surely I'm doing something wrong. Here is an example of a situation where the subsequest action in the LDIF is ignored after the error:
$ ldapmodify -c -x -D 'cn=config' -W Enter LDAP Password: <password> dn: olcDatabase={0}config,cn=config changetype: modify delete: olcSizeLimit
add: olcSizeLimit olcSizeLimit: 250
modifying entry "olcDatabase={0}config,cn=config" ldap_modify: No such attribute (16) additional info: modify/delete: olcSizeLimit: no such attribute
Why don't you just use this if attribute 'olcSizeLimit' is not in the entry yet?
Part of an automated system.
Then fix that system.
Spare the snide comments.
If -c worked as the man page states, this should not be a problem.
You misinterpret completely what the man page says about option -c.
It's easy to interpret it as I have given the vague quality of the man page.
-c Continuous operation mode. Errors are reported, but ldapmodify will continue with modifications. The default is to exit after reporting an error.
It says nothing about *where* it will continue. Next line, next entry, what? As I've said in my last email, by trial and error, I determined that it continues with the next entry.
dn: olcDatabase={0}config,cn=config changetype: modify add: olcSizeLimit olcSizeLimit: 250
After all -c works as expected: If you have more than one records in your LDIF file it will try to process the next one.
I just showed you that this is not true in my case. Why are you saying this? What am I not understanding?
Read RFC 2849 about how LDIF is structured. And then understand that your LDIF change record leads to a *single* modify request which obviously fails because of 'olcSizeLimit' not existing (which is a feature not a bug).
Is your answer to all OpenLDAP users coming here for assistance really to read the RFC to clarify vague man pages and other misunderstandings? Rather, isn't this community here to help in more productive ways?