Bug 47706 - listener/system/umc-service-providers.py restarts slapd in postrun on every change of univentionService
listener/system/umc-service-providers.py restarts slapd in postrun on every c...
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: SAML
UCS 4.4
Other Linux
: P5 normal (vote)
: UCS 4.4-2-errata
Assigned To: Florian Best
Felix Botner
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-08-31 13:16 CEST by Felix Botner
Modified: 2021-02-18 07:35 CET (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 5: Will affect all installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.229
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Cleanup, Troubleshooting, UCS Performance
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Felix Botner univentionstaff 2018-08-31 13:16:49 CEST
if 'Univention Management Console' in new.get('univentionService', []):
            handler_set(['umc/saml/trusted/sp/%s=%s' % (fqdn, fqdn)])
            __changed_trusted_sp = True


__changed_trusted_sp = True -> slapd restart

So every time univentionService is changed, the slapd is restarted.

This is not necessary  and potential dangerous. I installed an App, this failed because the app add a univentionService and wanted to do something with ldap in the join script. This failed because the slapd has been restarted.

I think we should only changed the ucr settings and restart slapd if the 'Univention Management Console' service has been added or removed.
Comment 1 Felix Botner univentionstaff 2018-08-31 16:35:09 CEST
and change
 ud.debug(ud.LISTENER, ud.INFO, '%s: Reloading LDAP server.' % (name,))
to
 ud.debug(ud.LISTENER, ud.PROCESS, '%s: Reloading LDAP server.' % (name,))

so that we can see who is restarting the slapd (with the default loglevel)
Comment 2 Florian Best univentionstaff 2019-03-17 00:15:40 CET
Good!
Patch available in fbest/47706-decrease-slapd-restart.
Comment 3 Florian Best univentionstaff 2019-10-10 10:35:42 CEST
Patch applied in:

univention-management-console.yaml
596327edb2c9 | Bug #47706: do not restart slapd on every service change

univention-management-console (11.0.4-38)
596327edb2c9 | Bug #47706: do not restart slapd on every service change
Comment 4 Felix Botner univentionstaff 2019-10-14 11:26:33 CEST
OK - univention-management-console
OK - yaml
Comment 5 Arvid Requate univentionstaff 2019-10-16 16:59:31 CEST
<http://errata.software-univention.de/ucs/4.4/310.html>