Univention Bugzilla – Bug 32411
UDM module settings/ldapacl
Last modified: 2013-11-19 06:44:03 CET
A new UDM module ldap/schema is required for Bug 32392.
Sorry, typo: "ldap/acl" is required here.
The UDM module has been implemented under the name settings/ldapacl. The ACL data is expected to be gzip-compressed and base64 encoded. Changelog adjusted.
The following validations have been added: * ACL data is checked to be gzipped * filename is checked to not contain '/' * packageversion is checked to be a valid Debian version number * Non-tivial modifications of the object require an increase of the packageversion unless the packagename is changed as well. A trivial modification is the modifcation of the active flag.
I just updated the packages via UMC which in turn crashed the UMC server: ==================== 11.09.13 07:15:32.011 MAIN ( ERROR ) : Traceback (most recent call last): File "/usr/sbin/univention-management-console-server", line 209, in <module> umc_daemon.do_action() File "/usr/lib/pymodules/python2.6/daemon/runner.py", line 186, in do_action func(self) File "/usr/sbin/univention-management-console-server", line 142, in _restart self._start() File "/usr/lib/pymodules/python2.6/daemon/runner.py", line 131, in _start self.app.run() File "/usr/sbin/univention-management-console-server", line 192, in run notifier.loop() File "/usr/lib/pymodules/python2.6/notifier/nf_generic.py", line 284, in loop step() File "/usr/lib/pymodules/python2.6/notifier/nf_generic.py", line 271, in step not __sockets[ cond ][ fd ]( sock_obj ): File "/usr/lib/pymodules/python2.6/univention/management/console/protocol/server.py", line 165, in _receive self._handle( state, msg ) File "/usr/lib/pymodules/python2.6/univention/management/console/protocol/server.py", line 279, in _handle state.processor = Processor( *state.credentials() ) File "/usr/lib/pymodules/python2.6/univention/management/console/protocol/session.py", line 207, in __init__ udm_modules.update() File "/usr/lib/pymodules/python2.6/univention/admin/modules.py", line 94, in update os.path.walk(dir, _walk, p) File "/usr/lib/python2.6/posixpath.py", line 236, in walk walk(name, func, arg) File "/usr/lib/python2.6/posixpath.py", line 228, in walk func(arg, top, names) File "/usr/lib/pymodules/python2.6/univention/admin/modules.py", line 78, in _walk m=__import__(mod, globals(), locals(), name) File "/usr/lib/pymodules/python2.6/univention/admin/handlers/settings/udm_syntax.py", line 69, in <module> syntax=univention.admin.syntax.BaseFilename, AttributeError: 'module' object has no attribute 'BaseFilename' 11.09.13 07:15:32.038 MAIN ( PROCESS ) : Processor: dying ====================
I thought tracebacks like this should have been fixed via Bug 31154. Maybe we need an erratum to enable a correct update?
The traceback is not triggered by settings/ldapacl. The new BaseFilename syntax is shipped by python-univention-directory-manager, the same package which installed udm_syntax.py, the file that actually triggers the traceback. So I would assume that this traceback is due to python-univention-management-console not having loaded the updated univention.admin.syntax module before calling udm_modules.update(). Anyway, not related to this bug.
OK, I opened Bug 32565 for the problem.
* Compression was changed to bzip2 due to limitations of the python zlib module. * Version check has been relaxed to only deny downgrades.
I'm not able to open ldapschema objects via UMC. I see the following message: 21.09.13 02:52:47.525 MODULE ( PROCESS ) : Could not convert UDM syntax Bzip2Base64Upload
(In reply to Stefan Gohmann from comment #9) > I'm not able to open ldapschema objects via UMC. I see the following message: > > 21.09.13 02:52:47.525 MODULE ( PROCESS ) : Could not convert UDM > syntax Bzip2Base64Upload Tests via CLI are OK, I've added some test cases to ucs-test: * 71_udm-settings/35_create_ldap_acl * 71_udm-settings/36_create_full_ldap_acl * 71_udm-settings/37_create_invalid_ldap_acl
Wait until Arvid is back.
Comment 4 was due to bug 32565.
Arvid, see r45346 in ucs-school-3.2/ucs-school-ldap-acls-master. I added read access for the DC slaves for the following containers: cn=apps, cn=udm:module, cn=ldapacl and cn=ldapschema. Without this permission the join failed. Please adjust or close the bug again.
Checked in and built.
(In reply to Arvid Requate from comment #14) > Checked in and built. You changed it in ucs, I changed it in UCS@school. I don't think we need both.
Ok, change of comment 14 reverted.
Tests: OK Changelog: OK
UCS 3.2 has been released: http://docs.univention.de/release-notes-3.2-en.html http://docs.univention.de/release-notes-3.2-de.html If this error occurs again, please use "Clone This Bug".