Bug 47601 – Provide method to "rejoin" app containers

Bug 47601 - Provide method to "rejoin" app containers


Summary:	Provide method to "rejoin" app containers

Status:	RESOLVED WONTFIX

Product:	UCS
Classification:	Unclassified
Component:	App Center
Version:	UCS 4.3
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	App Center maintainers
QA Contact:	App Center maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2018-08-17 11:35 CEST by Valentin Heidelberger
Modified:	2021-05-14 16:34 CEST (History)
CC List:	2 users (show)

See Also:	47492
What kind of report is it?:	Feature Request
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Valentin Heidelberger

2018-08-17 11:35:06 CEST

A customer had the following problem:

The nextcloud container creates a memberserver object and uses it for LDAP binds:

cn=nextc-52593883,cn=memberserver,cn=computers,dc=ldap,dc=base

The customer upgraded the nextcloud app. 
The memberserver object was deleted and a new one was created:

Deleted: cn=nextc-52593883,cn=memberserver,cn=computers,dc=ldap,dc=base
Created: cn=nextc-42830969,cn=memberserver,cn=computers,dc=ldap,dc=base

Afterwards the customer reset the host system to a snapshot taken before the app upgrade. Now the app's container's hostname was nextc-52593883 again. The memberserver object for that hostname was gone though, which resulted in LDAP binds failing.

It would be nice to have a subcommand for univention-app which creates a memberserver object for a certain container app using it's hostname, the app's name and version and the /etc/machine.secret
Using that command would at least fix the old LDAP bind configuration of the app immediately.
Cleaning up the objects (and app center registrations?) could also be done (maybe with a separate parameter)

univention-app rejoin nextcloud

Comment 1 Erik Damrose

2018-08-17 11:47:55 CEST

Fixing bug 47492 might make this request obsolete. Maybe it can be considered as a duplicate?

Comment 2 Valentin Heidelberger

2018-08-17 11:54:17 CEST

(In reply to Erik Damrose from comment #1)
> Fixing bug 47492 might make this request obsolete. Maybe it can be
> considered as a duplicate?

Is there already a decision that bug 47492 will be fixed the way Stefan described there? In that case this would be partly obsolete indeed.
It might still be helpful to be able to reset the machine account password with such a command.

Comment 3 Ingo Steuwer

2021-05-14 15:42:32 CEST

This issue has been filed against UCS 4.3.

UCS 4.3 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed.

If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.