First Last Prev Next    This bug is not in your last search results.
Bug 54518 - ldap.INVALID_CREDENTIALS in quota.py listener during join
ldap.INVALID_CREDENTIALS in quota.py listener during join
Status: VERIFIED DUPLICATE of bug 54504
Product: UCS
Classification: Unclassified
Component: Quota
UCS 5.0
Other Linux
: P5 normal (vote)
: ---
Assigned To: UCS maintainers
UCS maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-03-08 09:28 CET by Florian Best
Modified: 2022-03-14 11:10 CET (History)
1 user (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2022-03-08 09:28:37 CET 
2 times in /var/log/univention/join.log:
https://jenkins.knut.univention.de:8181/job/UCS-5.0/job/UCS-5.0-1/job/AutotestUpgrade/SambaVersion=s4,Systemrolle=backup/ws/test/join.log
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 216, in handler
    if _is_container_change_relevant(new, old):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 142, in _is_container_change_relevant
    lo = _get_ldap_connection()
  File "/usr/lib/univention-directory-listener/system/quota.py", line 119, in _get_ldap_connection
    connection = univention.uldap.getMachineConnection(ldap_master=False)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 191, in getMachineConnection
    return access(host=server, port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 283, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 370, in __open
    self.bind(self.binddn, self.bindpw)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 207, in _decorated
    return func(self, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 303, in bind
    self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 949, in simple_bind_s
    res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 931, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 223, in simple_bind_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
Comment 1 Florian Best univentionstaff 2022-03-08 09:46:47 CET 
567b6ac0e0 Bug #54518: [grep_traceback]: ignore traceback
Comment 2 Philipp Hahn univentionstaff 2022-03-14 10:30:38 CET 
Probably Bug #54504 comment 2
- it only happens for the upgrade test from 4.4-8 to 5.0-x
- due to the broken priority for `replication.py` the local LDAP server does not get replicated.
- `quota.py` tries to connect to the local LDAP server using the machine credentials
- as the local LDAP server is still unprovisioned the connection fails.

The latest run non longer has `ldap.INVALID_CREDENTIALS`.

*** This bug has been marked as a duplicate of bug 54504 ***
Comment 3 Florian Best univentionstaff 2022-03-14 11:10:06 CET 
OK: duplicate

1e78e4f394 Revert "Bug #54518: [grep_traceback]: ignore traceback"
First Last Prev Next    This bug is not in your last search results.