Univention Bugzilla – Bug 45538
ucs-school-import schema: OID collision
Last modified: 2019-03-12 10:58:49 CET
We have an OID collision in ucs-school-import/schema/ucs-school-import.schema: objectIdentifier univentionSchool 1.3.6.1.4.1.10176.4000.2 attributetype ( univentionSchool:53.5 NAME 'ucsschoolSourceUID' DESC 'Identifier of external database from which the user was imported.' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) objectclass ( univentionSchool:53.5 NAME 'ucsschoolExam' DESC 'auxiliary class for exam users' SUP ucsschoolType AUXILIARY )
We have to check if it is possible to change the OID of either the attribute or the objectclass without problems with existing data/ldapsearch/indices/replication/...
objectclass ucsschoolAdministratorGroup and objectclass ucsschoolImportGroup have SUP ucsschoolType which gives them attributes MAY ( ucsschoolSchool $ ucsschoolSourceUID $ ucsschoolRecordUID $ ucsschoolPurgeTimestamp ) ) all of which they do not use or need.
(In reply to Daniel Tröder from comment #2) > objectclass ucsschoolAdministratorGroup and > objectclass ucsschoolImportGroup > have > SUP ucsschoolType > which gives them attributes > MAY ( ucsschoolSchool $ ucsschoolSourceUID $ ucsschoolRecordUID $ > ucsschoolPurgeTimestamp ) ) > all of which they do not use or need. → please check if this change is still required.
When changing the OID of ucsschoolExam, a rebuild of at least the objeclass index is required → bug deferred until next major UCS@school release.
I created some users (anton1...anton12) and added the objectclass and the attribute to some of them (all permutations). root@master122:~# cat > testOID.sh <<EOF #!/bin/sh -x ldapsearch -x -s base -o ldif-wrap=no -b cn=Subschema 'objectClass=subschema' objectClasses attributeTypes matchingRules matichingRuleUse dITStructureRules dITContentRules nameForms ldapSyntaxes | egrep "'(ucsschoolExam|ucsschoolSourceUID|53.10|53.5)'" univention-ldapsearch 'uid=anton*' -LLL objectClass ucsschoolSourceUID | egrep '^(dn: |objectClass: ucsschoolExam|ucsschoolSourceUID:|$)' univention-ldapsearch objectClass=ucsschoolExam dn -LLL univention-ldapsearch ucsschoolSourceUid=Bug45538 dn -LLL univention-ldapsearch ucsschoolSourceUid=foo dn -LLL EOF root@master122:~# chmod +x testOID.sh root@master122:~# ./testOID.sh 2>&1 | tee BEFORE root@master122:~# dpkg -i ucs-school-import-schema*.deb root@master122:~# ./testOID.sh 2>&1 | tee AFTER root@master122:~# diff -u BEFORE AFTER --- BEFORE 2019-01-10 12:22:16.388000000 +0100 +++ AFTER 2019-01-10 12:37:57.096000000 +0100 @@ -1,7 +1,7 @@ + egrep '(ucsschoolExam|ucsschoolSourceUID|53.10|53.5)' + ldapsearch -x -s base -o ldif-wrap=no -b cn=Subschema objectClass=subschema objectClasses attributeTypes matchingRules matichingRuleUse dITStructureRules dITContentRules nameForms ldapSyntaxes attributeTypes: ( 1.3.6.1.4.1.10176.4000.2.53.5 NAME 'ucsschoolSourceUID' DESC 'Identifier of external database from which the user was imported.' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) -objectClasses: ( 1.3.6.1.4.1.10176.4000.2.53.5 NAME 'ucsschoolExam' DESC 'auxiliary class for exam users' SUP ucsschoolType AUXILIARY ) +objectClasses: ( 1.3.6.1.4.1.10176.4000.2.53.10 NAME 'ucsschoolExam' DESC 'auxiliary class for exam users' SUP ucsschoolType AUXILIARY ) + egrep ^(dn: |objectClass: ucsschoolExam|ucsschoolSourceUID:|$) + univention-ldapsearch uid=anton* -LLL objectClass ucsschoolSourceUID dn: uid=anton1,cn=schueler,cn=users,ou=gsmitte,dc=nstx,dc=local root@master122:~# same procedure on slave123: root@slave123:~# diff -u BEFORE AFTER --- BEFORE 2019-01-10 12:24:16.333165595 +0100 +++ AFTER 2019-01-10 12:40:54.037168589 +0100 @@ -1,7 +1,7 @@ + egrep '(ucsschoolExam|ucsschoolSourceUID|53.10|53.5)' + ldapsearch -x -s base -o ldif-wrap=no -b cn=Subschema objectClass=subschema objectClasses attributeTypes matchingRules matichingRuleUse dITStructureRules dITContentRules nameForms ldapSyntaxes attributeTypes: ( 1.3.6.1.4.1.10176.4000.2.53.5 NAME 'ucsschoolSourceUID' DESC 'Identifier of external database from which the user was imported.' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) -objectClasses: ( 1.3.6.1.4.1.10176.4000.2.53.5 NAME 'ucsschoolExam' DESC 'auxiliary class for exam users' SUP ucsschoolType AUXILIARY ) +objectClasses: ( 1.3.6.1.4.1.10176.4000.2.53.10 NAME 'ucsschoolExam' DESC 'auxiliary class for exam users' SUP ucsschoolType AUXILIARY ) + egrep ^(dn: |objectClass: ucsschoolExam|ucsschoolSourceUID:|$) + univention-ldapsearch uid=anton* -LLL objectClass ucsschoolSourceUID dn: uid=anton1,cn=schueler,cn=users,ou=gsmitte,dc=nstx,dc=local root@slave123:~# So no slapindex is required since the indices seem to be intact as the same results are returned. Btw: before changing the OID collision, I also found no problematic behaviour! Package: ucs-school-import Version: 16.0.3-1A~4.3.0.201901231601 Branch: ucs_4.3-0 Scope: ucs-school-4.3 fb3034d8a Bug #45538: add advisory 3fbb94cb2 Bug #45538: add changelog entry 3eed3435e Bug #45538: fix OID collision by changing OID of ucsschoolExam Test results from my master are attached.
Created attachment 9817 [details] test results from master
Reverted changes in UCS@school 4.3 and moved them to UCS@school 4.4: Package: ucs-school-import Version: 16.0.3-2A~4.3.0.201901241146 Branch: ucs_4.3-0 Scope: ucs-school-4.3 Package: ucs-school-import Version: 17.0.3-1A~4.4.0.201901241145 Branch: ucs_4.4-0 Scope: ucs-school-4.4 [4.3] 18b389d18 Bug #45538: update advisory 5343b80cb Bug #45538: add changelog entry dc51a1223 Revert "Bug #45538: add advisory" 5bbd44563 Revert "Bug #45538: fix OID collision by changing OID of ucsschoolExam" [4.4] 10b2a9a23 Bug #45538: update advisory d9c2104ec Bug #45538: add advisory 6d4820117 Bug #45538: add changelog entry 2dbe1d0b2 Bug #45538: fix OID collision by changing OID of ucsschoolExam dc10c314a Bug #48478/#48045/#48236/#48226: fix version numbers
What I tested: Started an exam before the update -> Updated -> Search still works -> OK Started an exam before the update -> Updated -> Started another exam -> OK Started an exam before the update -> Updated -> Stopped the exam -> OK Tests look good yaml -> OK -> Verified
UCS@school 4.4 v1 has been released. https://docs.software-univention.de/release-notes-ucsschool-4.4v1-de.html If this error occurs again, please clone this bug.