Branch '2.3-stable' - 1st.README

Git Service User git at kolabsys.com
Thu Apr 14 11:32:52 CEST 2011 

 1st.README |   99 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 99 insertions(+)

New commits:
commit b2dbeca75ea91e8c44de16c198228bec6cfddf41
Author: Christoph Wickert <wickert at kolabsys.com>
Date:   Thu Apr 14 11:32:46 2011 +0200

    release-notes.txt: Initial draft of 2.3.0 update instructions

diff --git a/1st.README b/1st.README
index d570044..93fdefc 100644
--- a/1st.README
+++ b/1st.README
@@ -126,6 +126,105 @@ Or alternatively if the Kolab server was stopped before the upgrade:
 # /kolab/bin/openpkg rc all start
 
 
+Upgrade from 2.2.4 to 2.3.0
+---------------------------
+
+FIXME: Pakete entfernen
+FIXME: rfc2739.schema muss raus bzw darf niht zurückgemerged werden
+FIXME: Pakete recompilern für opelssl
+
+OpenLDAP has been updated to version 2.4.23 in this release of Kolab. As this 
+introduces many changes to your LDAP setup, please read these instructions 
+carefully.
+
+Due to a change in OpenLDAP's core.schema the 'countryName' or 'c' attribute 
+no longer allows using free text but only 2-letter codes from ISO 3166. If you 
+use the 'countryName' attribute to store data, you will have to continue using
+your old core.schema or to replace your own values with ISO country codes.
+
+Both procedures are described here as follows.
+
+0. Make a backup of your installation and data stored inside /kolab
+
+1. The Kolab server must be stopped:
+
+    # /kolab/bin/openpkg rc all stop
+
+2. Save the current LDAP data:
+
+   Copy the contents of the openldap database, use a different output
+   filename if you want. You should make sure that no other users can
+   read the sensitive data contained in the ldif file, e.g. with umask
+   (limited to the slapcat call by using parentheses):
+
+   # (umask 077 && /kolab/sbin/slapcat > ~/kolab-2.2.4.ldif)
+
+3. Start the standard upgrade:
+   (as described in the General update instructions)
+
+   # sh install-kolab.sh 2>&1 | tee /root/kolab-update.log
+
+Replacing values (recommended)
+
+Because of the unlimited number of possible values we cannot provide an 
+upgrade script. , but here is a little help for you:
+
+4. To get a list of values used in the countryName attribute run
+
+   # grep ^c: ~/kolab-2.2.4.ldif | awk '{print $2}' | sort -u
+
+5. Replace the values with the ISO country codes from 
+   http://www.iso.org/iso/english_country_names_and_code_elements
+   To replace for example "Germany" with the code "DE", run
+   
+   #  sed 's|^c: Germany|c: DE|g' ~/kolab-2.2.4.ldif > ~/kolab-2.3.0.ldif
+
+6. Import the ldif again
+
+   # /kolab/sbin/slapadd < ~/new-format.ldif
+
+Keeping old values
+
+If you cannot change the countryName attributes of your users, you need do 
+continue using your old core.schema. Make sure to do a backup before you 
+upgrade to Kolab 2.3 and restore the file from the backup once the upgrade is 
+done.
+
+4. /kolab/etc/openldap/schema/core.schema will be saved as core.rpmsave,
+   please move it back to the original name:
+
+   # cd /kolab/etc/openldap && mv core.schema.rpmsave core.schema
+
+   FIXME: verify that the file is really saved as rpmsave
+   FIXME: is core.ldif needed?
+
+In previous versions of the Kolab Server, the distinguishing name (dn) to name 
+users was built from their common name (cn) attribute and the cn was built 
+from the attributes 'givenName' (e.g. John) and 'sn' (Doe). Therefore it was 
+not possible to have two users of the same name or two accounts for the same 
+person (cn=John Doe) since each dn must be distinct.
+
+Kolab 2.3 uses the 'uid' attribute to build the dn. This change is backwards 
+compatible. Existing users will continue to use the old dn while new users 
+will be created following the new scheme. This means that you can create an 
+account with the same cn after the upgrade.
+
+To take however full advantage of the new scheme, you need to convert your 
+LDAP with the script 'phpdn' from FIXME. To convert your existing 
+LDAP, please run the following commands as root or user 'kolab':
+
+FIXME: needs to be checked
+
+# /kolab/sbin/slapcat > ~/old-format.ldif
+# php phpdn.php -i old-format.ldif -o new-format.ldif
+# /kolab/sbin/slappadd < ~/new-format.ldif
+
+Synchronization between master and slaves is now performed using syncrepl 
+instead of slurpd. This change requires no further modifications on your side, 
+but if you are running multiple Kolab servers, make sure to upgrade them at 
+the same time.
+
+
 Upgrade from 2.2.3 to 2.2.4
 ---------------------------

More information about the commits mailing list