Bug 35208 - add ldap server option to univention-policy-update-config-registry.py
add ldap server option to univention-policy-update-config-registry.py
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: univention-base-files
UCS 4.3
Other Linux
: P5 normal (vote)
: UCS 4.4-0-errata
Assigned To: Jannik Ahlers
Arvid Requate
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-06-27 12:45 CEST by Felix Botner
Modified: 2019-04-10 14:19 CEST (History)
4 users (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
best: Patch_Available+


Attachments
add-ldap-server-option.patch (1.63 KB, patch)
2014-06-27 12:46 CEST, Felix Botner
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Felix Botner univentionstaff 2014-06-27 12:45:08 CEST
We need an optional option -l|--ldap-server in univention-policy-update-config-registry.py in order to define the ldap server to look for policies (default ldap/server -> local ldap).
Comment 1 Felix Botner univentionstaff 2014-06-27 12:46:17 CEST
Created attachment 5976 [details]
add-ldap-server-option.patch
Comment 2 Florian Best univentionstaff 2017-06-28 14:52:49 CEST
There is a Customer ID set so I set the flag "Enterprise Customer affected".
Comment 3 Jannik Ahlers univentionstaff 2019-03-14 11:06:12 CET
I applied the patch Felix made.

Successful build
Package: univention-base-files
Version: 8.0.0-3A~4.4.0.201903141103
Branch: ucs_4.4-0
Scope: errata4.4-0

7d48096 Bug #35208: yaml
d880a03 Bug #35208: changelog
6faa4b1 Bug #35208: added ldap server option to script univention-policy-update-config-registry.py
Comment 4 Arvid Requate univentionstaff 2019-03-14 16:10:54 CET
root@master10:~# /usr/lib/univention-directory-policy/univention-policy-update-config-registry -l something
could not open policy for cn=master10,cn=dc,cn=computers,dc=ar41i1,dc=qa
Comment 5 Arvid Requate univentionstaff 2019-03-14 16:15:42 CET
Looking at the code it might be difficult to add a better error message, what do you think? I would be ok with the code as it is.
Comment 6 Jannik Ahlers univentionstaff 2019-03-14 16:33:29 CET
There has been a better error message in the past, but it has been deactivated for some reason:

if proc.wait() != 0:
	# no output: this script is called by cron
	# print 'WARN: univention_policy_result failed - LDAP server may be down'

git blame doesn't give any meaningful result as to why that is as the code was refactored. I don't want to break anything, so it should stay as it is.
Comment 7 Arvid Requate univentionstaff 2019-03-14 17:04:26 CET
Verified:
* Code
* Function
* Advisory
Comment 8 Arvid Requate univentionstaff 2019-03-19 14:20:29 CET
We also need a backport for 4.3-3
Comment 9 Arvid Requate univentionstaff 2019-03-20 11:47:22 CET
I've simply cloned the bug for 4.3, and will set this back to verified.
Comment 10 Erik Damrose univentionstaff 2019-04-10 14:19:04 CEST
<http://errata.software-univention.de/ucs/4.4/44.html>