Bug 32542 - modify after remove corrupts pickle file when moving to a non readable location
modify after remove corrupts pickle file when moving to a non readable location
Product: UCS
Classification: Unclassified
Component: S4 Connector
UCS 3.1
Other Linux
: P5 normal (vote)
: UCS 3.1-1-errata
Assigned To: Stefan Gohmann
Felix Botner
Depends on:
Blocks: 41884 41900
  Show dependency treegraph
Reported: 2013-09-10 15:37 CEST by Tim Petersen
Modified: 2016-08-03 06:05 CEST (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Patch for s4-connector.py (705 bytes, patch)
2013-09-10 15:37 CEST, Tim Petersen
Details | Diff
corrupt pickle file (2.91 KB, text/plain)
2013-09-10 15:49 CEST, Tim Petersen

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Petersen univentionstaff 2013-09-10 15:37:58 CEST
Created attachment 5420 [details]
Patch for s4-connector.py

If moving a windows client from cn=computers,$ldap_base to cn=computers,cn=schoolou,$ldap_base every school slave which cannot read this schoolou creates the Group "Windows Hosts" in s4 instead.

5607 cn=windowskaputt,cn=computers,dc=schoolmulti-s4,dc=qa r
5608 cn=windowskaputt,cn=computers,ou=schule2,dc=schoolmulti-s4,dc=qa a
5609 cn=Windows Hosts,cn=groups,dc=schoolmulti-s4,dc=qa m #(normal membership update)

The pickle file loads itself with 5607 as old_dn (because of the actiontype "r") - it expects the "a" action now, but never "sees" 5608 (selective replication in UCS@School). Instead it uses 5609 and the following happens in the connector:

"move group from [cn=windowskaputt,cn=computers,dc=schoolmulti-s4,dc=qa] to [cn=Windows Hosts,cn=groups,dc=schoolmulti-s4,dc=qa]"

The attached patch prevents this.
This is totally untested for other operations and should only concrete the behaviour a bit more.
Comment 1 Tim Petersen univentionstaff 2013-09-10 15:49:44 CEST
Created attachment 5421 [details]
corrupt pickle file

>>> import cPickle
>>> x = cPickle.load(open('1378820790.898377','r'))
>>> x[1]
{'sambaGroupType': ['2'], 'hasSubordinates': ['FALSE'], 'entryCSN': ['20130910134630.637935Z#000000#000#000000'], 'cn': ['Windows Hosts'][.......]
>>> x[2]
{'sambaGroupType': ['2'], 'hasSubordinates': ['FALSE'], 'entryCSN': ['20130910134421.392475Z#000000#000#000000'], 'cn': ['Windows Hosts'][.......]
>>> x[3]

pickle file attached
Comment 2 Tim Petersen univentionstaff 2013-09-10 15:50:58 CEST
Just to make sure: The pickle file wasn't saved so this is a new reproduction where the windows client name was "asd" - just to make it more complicated ;)
Comment 3 Stefan Gohmann univentionstaff 2013-09-25 08:18:11 CEST
The moved windows client will not be removed from the school which is no longer able to read the client. I split it into a new bug because it is not critical: Bug #32685.

3.2 Fixes: r44419 + r44444
3.2 Changelog: r44439
3.1 Fixes: r44418 + r44443
3.1 YAML: r44420
Comment 4 Felix Botner univentionstaff 2013-09-26 10:56:15 CEST
OK - errata3.1-1

OK - ucs3.2-0
OK - Changelog
Comment 5 Stefan Gohmann univentionstaff 2013-10-02 07:14:53 CEST
I saw the following error in the listener.log while installing a new system:

Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/s4-connector.py", line 141, in handler
NameError: global name 'ob' is not defined

UCS 3.2: r44666
UCS 3.1-1: r44667
YAML: r44668
Comment 6 Felix Botner univentionstaff 2013-10-07 09:59:39 CEST
07.10.13 09:58:17.884  LISTENER    ( ERROR   ) : import of filename=/usr/lib/univention-directory-listener/system/s4-connector.py failed
  File "/usr/lib/univention-directory-listener/system/s4-connector.py", line 143
    _dump_changes_to_file_and_check_file(directory, dn, new, old, old_dn)
SyntaxError: invalid syntax

====> group_objects.append((dn, new, old, old_dn)
Comment 7 Stefan Gohmann univentionstaff 2013-10-07 10:29:37 CEST
fixed with r44802
Comment 8 Felix Botner univentionstaff 2013-10-07 11:16:46 CEST
Comment 9 Moritz Muehlenhoff univentionstaff 2013-10-07 14:44:28 CEST