Comment 1 Arvid Requate 2013-08-28 14:44:32 CEST

Sorry, typo: "ldap/acl" is required here.

Comment 2 Arvid Requate 2013-09-02 20:45:30 CEST

The UDM module has been implemented under the name settings/ldapacl.
The ACL data is expected to be gzip-compressed and base64 encoded.
Changelog adjusted.

Comment 3 Arvid Requate 2013-09-04 16:50:11 CEST

The following validations have been added:
 * ACL data is checked to be gzipped
 * filename is checked to not contain '/'
 * packageversion is checked to be a valid Debian version number
 * Non-tivial modifications of the object require an increase of the packageversion unless the packagename is changed as well. A trivial modification is the modifcation of the active flag.

Comment 4 Alexander Kläser 2013-09-11 13:35:11 CEST

I just updated the packages via UMC which in turn crashed the UMC server:

====================
11.09.13 07:15:32.011  MAIN        ( ERROR   ) : Traceback (most recent call last):
  File "/usr/sbin/univention-management-console-server", line 209, in <module>
    umc_daemon.do_action()
  File "/usr/lib/pymodules/python2.6/daemon/runner.py", line 186, in do_action
    func(self)
  File "/usr/sbin/univention-management-console-server", line 142, in _restart
    self._start()
  File "/usr/lib/pymodules/python2.6/daemon/runner.py", line 131, in _start
    self.app.run()
  File "/usr/sbin/univention-management-console-server", line 192, in run
    notifier.loop()
  File "/usr/lib/pymodules/python2.6/notifier/nf_generic.py", line 284, in loop
    step()
  File "/usr/lib/pymodules/python2.6/notifier/nf_generic.py", line 271, in step
    not __sockets[ cond ][ fd ]( sock_obj ):
  File "/usr/lib/pymodules/python2.6/univention/management/console/protocol/server.py", line 165, in _receive
    self._handle( state, msg )
  File "/usr/lib/pymodules/python2.6/univention/management/console/protocol/server.py", line 279, in _handle
    state.processor = Processor( *state.credentials() )
  File "/usr/lib/pymodules/python2.6/univention/management/console/protocol/session.py", line 207, in __init__
    udm_modules.update()
  File "/usr/lib/pymodules/python2.6/univention/admin/modules.py", line 94, in update
    os.path.walk(dir, _walk, p)
  File "/usr/lib/python2.6/posixpath.py", line 236, in walk
    walk(name, func, arg)
  File "/usr/lib/python2.6/posixpath.py", line 228, in walk
    func(arg, top, names)
  File "/usr/lib/pymodules/python2.6/univention/admin/modules.py", line 78, in _walk
    m=__import__(mod, globals(), locals(), name)
  File "/usr/lib/pymodules/python2.6/univention/admin/handlers/settings/udm_syntax.py", line 69, in <module>
    syntax=univention.admin.syntax.BaseFilename,
AttributeError: 'module' object has no attribute 'BaseFilename'

11.09.13 07:15:32.038  MAIN        ( PROCESS ) : Processor: dying
====================

Comment 5 Alexander Kläser 2013-09-11 13:37:15 CEST

I thought tracebacks like this should have been fixed via Bug 31154. Maybe we need an erratum to enable a correct update?

Comment 6 Arvid Requate 2013-09-11 16:03:11 CEST

The traceback is not triggered by settings/ldapacl. The new BaseFilename syntax is shipped by python-univention-directory-manager, the same package which installed udm_syntax.py, the file that actually triggers the traceback. So I would assume that this traceback is due to python-univention-management-console not having loaded the updated univention.admin.syntax module before calling udm_modules.update(). Anyway, not related to this bug.

Comment 7 Alexander Kläser 2013-09-11 16:50:28 CEST

OK, I opened Bug 32565 for the problem.

Comment 8 Arvid Requate 2013-09-16 17:53:59 CEST

* Compression was changed to bzip2 due to limitations of the python zlib module.
* Version check has been relaxed to only deny downgrades.

Comment 9 Stefan Gohmann 2013-09-23 08:43:27 CEST

I'm not able to open ldapschema objects via UMC. I see the following message:

 21.09.13 02:52:47.525  MODULE      ( PROCESS ) : Could not convert UDM syntax Bzip2Base64Upload

Comment 10 Stefan Gohmann 2013-09-23 08:44:48 CEST

(In reply to Stefan Gohmann from comment #9)
> I'm not able to open ldapschema objects via UMC. I see the following message:
> 
>  21.09.13 02:52:47.525  MODULE      ( PROCESS ) : Could not convert UDM
> syntax Bzip2Base64Upload

Tests via CLI are OK, I've added some test cases to ucs-test:

* 71_udm-settings/35_create_ldap_acl
* 71_udm-settings/36_create_full_ldap_acl
* 71_udm-settings/37_create_invalid_ldap_acl

Comment 11 Stefan Gohmann 2013-09-23 14:02:09 CEST

Wait until Arvid is back.

Comment 12 Arvid Requate 2013-10-14 18:46:06 CEST

Comment 4 was due to bug 32565.

Comment 13 Stefan Gohmann 2013-10-18 19:12:12 CEST

Arvid, see r45346 in ucs-school-3.2/ucs-school-ldap-acls-master. I added read access for the DC slaves for the following containers: cn=apps, cn=udm:module, cn=ldapacl and  cn=ldapschema. Without this permission the join failed. Please adjust or close the bug again.

Comment 14 Arvid Requate 2013-10-21 14:49:34 CEST

Checked in and built.

Comment 15 Stefan Gohmann 2013-10-22 09:58:22 CEST

(In reply to Arvid Requate from comment #14)
> Checked in and built.

You changed it in ucs, I changed it in UCS@school. I don't think we need both.

Comment 16 Arvid Requate 2013-10-22 14:12:52 CEST

Ok, change of comment 14 reverted.

Comment 17 Stefan Gohmann 2013-10-25 15:56:43 CEST

Tests: OK

Changelog: OK

Comment 18 Stefan Gohmann 2013-11-19 06:44:03 CET

UCS 3.2 has been released:
 http://docs.univention.de/release-notes-3.2-en.html
 http://docs.univention.de/release-notes-3.2-de.html

If this error occurs again, please use "Clone This Bug".