Bug 44611 - dhcp/pool with dhcpPermitList=members of raises KeyError
dhcp/pool with dhcpPermitList=members of raises KeyError
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UMC - DHCP
UCS 4.2
Other Linux
: P5 normal (vote)
: UCS 4.2-0-errata
Assigned To: Florian Best
Philipp Hahn
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-05-16 13:53 CEST by Florian Best
Modified: 2017-06-15 17:58 CEST (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.091
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number: 2017051321000379
Bug group (optional): Error handling, External feedback
Max CVSS v3 score:


Attachments
patch (747 bytes, patch)
2017-05-23 14:20 CEST, Florian Best
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2017-05-16 13:53:10 CEST
Version: 4.2-0 errata15 (Lesum)

Remark: DHCP Pool lässt sich mit 4.2 nicht mehr bearbeiten

Die Ausführung des Kommandos udm/nav/object/query navigation ist fehlgeschlagen:

Traceback (most recent call last):
  File "%PY2.7%/notifier/threads.py", line 82, in _run
    tmp = self._function()
  File "%PY2.7%/notifier/__init__.py", line 104, in __call__
    return self._function( *tmp, **self._kwargs )
  File "%PY2.7%/univention/management/console/modules/udm/__init__.py", line 1061, in _thread
    for module, obj in list_objects(container, object_type=object_type):
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 1047, in list_objects
    yield (module, module.get(dn, so_obj))
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 86, in _decorated
    return method(*args, **kwargs)
  File "%PY2.7%/univention/management/console/ldap.py", line 143, in _decorated
    result = func(*args, **kwargs)
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 511, in get
    obj.open()
  File "%PY2.7%/univention/admin/handlers/dhcp/pool.py", line 168, in open
    prop = self.permits_dhcp2udm[name]
KeyError: 'members of "denyMITEL"'
Comment 1 Florian Best univentionstaff 2017-05-16 13:55:40 CEST
@Philipp:
"members of" is probably a valid value for the dhcpPermitList?!
Comment 3 Philipp Hahn univentionstaff 2017-05-16 14:03:32 CEST
(In reply to Florian Best from comment #1)
> @Philipp:
> "members of" is probably a valid value for the dhcpPermitList?!

 {allow|deny} member of "<class>"
is a restriction not supported by the univention-directory-manager-modules/modules/univention/admin/handlers/dhcp/pool.py # object.permits_dhcp2udm
it requires further defining classes (and sub-classes) via local.conf (or dhcpStatement in LDAP).
See "man 5 dhcpd.conf /ALLOW AND DENY WITHIN POOL DECLARATIONS/"
Comment 4 mahescho 2017-05-23 13:55:40 CEST
So what to do to fix my DHCP pool?
Comment 5 Florian Best univentionstaff 2017-05-23 14:20:38 CEST
Created attachment 8876 [details]
patch

The following patch will help. You can apply it with:
patch -p8 --dry-run -d /usr/share/pyshared/univention/admin/handlers/dhcp/ < 44611.patch

I am afraid there is no other workaround than applying the manual patch. I think we can release an errata update soon.

I tested the patch, especially when modifying the object the current set values which UDM can't handle are kept untouched.
Comment 6 Florian Best univentionstaff 2017-05-23 14:25:16 CEST
(In reply to Florian Best from comment #5)
> The following patch will help. You can apply it with:
> patch -p8 --dry-run -d /usr/share/pyshared/univention/admin/handlers/dhcp/ <
> 44611.patch
Oups, the correct command is:
patch -p8 -d /usr/share/pyshared/univention/admin/handlers/dhcp/ < 44611.patch
Comment 7 mahescho 2017-05-23 14:49:33 CEST
Cool, thanks, works!
Comment 8 Florian Best univentionstaff 2017-05-24 12:44:54 CEST
I applied the patch for UCS 4.2-errata.

univention-directory-manager-modules (12.0.17-8):
r79636 | Bug #44611: make dhcpPermitList of dhcp pools robust against values unknown by UDM

univention-directory-manager-modules.yaml:
r79637 | YAML Bug #44611
Comment 9 Philipp Hahn univentionstaff 2017-05-28 19:29:38 CEST
OK: errata-announce -V --only univention-directory-manager-modules.yaml
FIXED: univention-directory-manager-modules.yaml

OK: ldapmodify -H ldapi:/// -Y EXTERNAL <<<__LDIF__
dn: cn=thin,cn=10.200.17.0,cn=dhcp,cn=dhcp,${LDAP_BASE}
changetype: modify
add: dhcpPermitList
dhcpPermitList: allow member of "thin"
__LDIF__
OK: python-univention-directory-manager 12.0.17-9A~4.2.0.201705261339
OK: r79636 (white-space-error: tab-after-space)
Comment 10 Janek Walkenhorst univentionstaff 2017-06-15 17:58:18 CEST
<http://errata.software-univention.de/ucs/4.2/41.html>