Bug 30636 - univention-user-quota does not support share names with whitespaces
univention-user-quota does not support share names with whitespaces
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Quota
UCS 3.1
Other Linux
: P5 normal (vote)
: UCS 3.1-1-errata
Assigned To: Lukas Walter
Felix Botner
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-03-04 10:14 CET by Janis Meybohm
Modified: 2013-05-22 16:12 CEST (History)
3 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Janis Meybohm univentionstaff 2013-03-04 10:14:51 CET
univention-user-quota uses a loop like:
---
for s in `/usr/bin/ldapsearch -x -h $ldap_server_name -p "$ldap_server_port" -ZZ -D "$ldap_hostdn" -y /etc/machine.secret "(&(objectClass=univentionShare)(univentionShareHost=$hostname.$domainname))" | ldapsearch-wrapper | grep "^dn:\|^univentionSharePath:" | awk '{print $2}'`
---

this does not support shares names with whitespaces.
Comment 1 Lukas Walter univentionstaff 2013-03-12 09:44:08 CET
This has been corrected.


univention-quota (7.0.5-1) unstable; urgency=low
  * fixed handling of share names containing whitespaces (Bug #30636)

svn 39535
Comment 2 Stefan Gohmann univentionstaff 2013-03-20 11:46:57 CET
That does not work for me.

I've created two shares:

/usr/bin/ldapsearch -x -h master691.deadlock69.local -p 7389 -ZZ -LLL -D cn=master691,cn=dc,cn=computers,dc=deadlock69,dc=local -y /etc/machine.secret '(&(objectClass=univentionShare)(univentionShareHost=master691.deadlock69.local))' dn univentionSharePath
dn: cn=te st1,cn=shares,dc=deadlock69,dc=local
univentionSharePath: /mnt/te st1

dn: cn=x 1,cn=shares,dc=deadlock69,dc=local
univentionSharePath: /boot/x 1

The script calls something like this:

root@master691:~# /usr/bin/ldapsearch -x -h $ldap_server_name -p "$ldap_server_port" -ZZ -LLL -D "$ldap_hostdn" -y /etc/machine.secret "(&(objectClass=univentionShare)(univentionShareHost=$hostname.$domainname))" dn univentionSharePath | ldapsearch-wrapper  | sed -n 's/^[^:]*:\s*\(.*\)/\1/p'
cn=te st1,cn=shares,dc=deadlock69,dc=local
/mnt/te st1
cn=x 1,cn=shares,dc=deadlock69,dc=local
/boot/x 1

But more in this way:

root@master691:~# for s in $(/usr/bin/ldapsearch -x -h $ldap_server_name -p "$ldap_server_port" -ZZ -LLL -D "$ldap_hostdn" -y /etc/machine.secret "(&(objectClass=univentionShare)(univentionShareHost=$hostname.$domainname))" dn univentionSharePath | ldapsearch-wrapper  | sed -n 's/^[^:]*:\s*\(.*\)/\1/p'); do echo "→ $s"; done
→ cn=te
→ st1,cn=shares,dc=deadlock69,dc=local
→ /mnt/te
→ st1
→ cn=x
→ 1,cn=shares,dc=deadlock69,dc=local
→ /boot/x
→ 1
root@master691:~#

And that fails. This tool should be re-written in python. I've removed the changelog entry, reverted the commit and moved it to 3.1-1-errata.
Comment 3 Lukas Walter univentionstaff 2013-04-22 17:38:58 CEST
The script has been rewritten in python and tested. It is meant to behave like the old version and, so far, it seems to do so.
Before being published as errata, this should be tested carefully in the QA.


Package has been rebuild in ucs3.1-2 and errata3.1-1 scopes.

YAML:
product: ucs
release: "3.1"
scope: ucs_3.1-0-errata3.1-1
src: univention-quota
fix: 7.0.5-3.98.201304221733
note:
version: [1]
desc: |
  This update fixes a problem with the univention-user-quota script
  related to shares with whitespaces in their names.
bug: [30636]
Comment 4 Felix Botner univentionstaff 2013-04-26 12:34:07 CEST
* add a short description to univention-user-quota -h

* indention in get_quota_mountpoints() looks a little messed up

* use "univention.uldap.getMachineConnection(ldap_master=False" instead of 
  univention.admin.uldap.getAdminConnection()
Comment 5 Lukas Walter univentionstaff 2013-04-26 13:00:15 CEST
(In reply to comment #4)
> * add a short description to univention-user-quota -h
> 
> * indention in get_quota_mountpoints() looks a little messed up
> 
> * use "univention.uldap.getMachineConnection(ldap_master=False" instead of 
>   univention.admin.uldap.getAdminConnection()

Points have been corrected.
YAML Version: 7.0.5-7.107.201304261257
Comment 6 Felix Botner univentionstaff 2013-04-26 16:12:46 CEST
univention-user-quota can now deal with whitespaces in share names. 

But the pam integration seems to be broken.

-> more /etc/pam.d/common-session| grep quota
session    optional   pam_runasroot.so program=/usr/sbin/univention-user-quota

But a login with a testuser does not update the quota settings.
Comment 7 Lukas Walter univentionstaff 2013-05-06 16:22:56 CEST
(In reply to comment #6)
> univention-user-quota can now deal with whitespaces in share names. 
> 
> But the pam integration seems to be broken.
> 
> -> more /etc/pam.d/common-session| grep quota
> session    optional   pam_runasroot.so program=/usr/sbin/univention-user-quota
> 
> But a login with a testuser does not update the quota settings.

The script caused a traceback which was quite hard to find as it did not get logged anywhere:
==================================================================
Traceback (most recent call last):
  File "/usr/sbin/univention-user-quota", line 121, in <module>
    user = sys.argv[1] if len(sys.argv) > 1 else os.getlogin()
OSError: [Errno 25] Inappropriate ioctl for device

To bypass this problem, os.environ['USER'] is now user insead of os.getlogin() as fallback if no username has been passed to the script. PAM integration seems to be working now.


YAML-Version: 7.0.5-9.110.201305061604
Comment 8 Felix Botner univentionstaff 2013-05-21 14:24:34 CEST
OK - errata3.1-1
OK - yaml

OK - ucs3.1-2
OK - changelog
Comment 9 Moritz Muehlenhoff univentionstaff 2013-05-22 16:12:02 CEST
http://errata.univention.de/ucs/3.1/105.html