Bug 46194 - Fix UDM option handling in UCS@school library
Fix UDM option handling in UCS@school library
Product: UCS@school
Classification: Unclassified
Component: LDAP
UCS@school 4.3
Other Linux
: P5 normal (vote)
: UCS@school 4.3 v1
Assigned To: Daniel Tröder
Sönke Schwardt-Krummrich
Depends on:
  Show dependency treegraph
Reported: 2018-01-30 13:55 CET by Florian Best
Modified: 2018-05-02 17:53 CEST (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?: 5: Will affect all installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.257
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2018-01-30 13:55:18 CET
The this failing test case:


(2018-01-26 11:49:24.013024) Traceback (most recent call last):
(2018-01-26 11:49:24.013043)   File "04_ucs-school-reset-password-check", line 129, in <module>
(2018-01-26 11:49:24.013054)     sys.exit(main())
(2018-01-26 11:49:24.013064)   File "04_ucs-school-reset-password-check", line 64, in main
(2018-01-26 11:49:24.013074)     schoolName, oudn = schoolenv.create_ou(name_edudc=host)
(2018-01-26 11:49:24.013088)   File "/usr/lib/pymodules/python2.7/univention/testing/ucsschool.py", line 270, in create_ou
(2018-01-26 11:49:24.013099)     result = School(**kwargs).create(lo)
(2018-01-26 11:49:24.013153)   File "/usr/lib/pymodules/python2.7/ucsschool/lib/models/base.py", line 427, in create
(2018-01-26 11:49:24.013167)     success = self.create_without_hooks(lo, validate)
(2018-01-26 11:49:24.013181)   File "/usr/lib/pymodules/python2.7/ucsschool/lib/models/school.py", line 389, in create_without_hooks
(2018-01-26 11:49:24.020006)     self.modify_without_hooks(lo)
(2018-01-26 11:49:24.020029)   File "/usr/lib/pymodules/python2.7/ucsschool/lib/models/base.py", line 504, in modify_without_hooks
(2018-01-26 11:49:24.020040)     self.do_modify(udm_obj, lo)
(2018-01-26 11:49:24.020054)   File "/usr/lib/pymodules/python2.7/ucsschool/lib/models/base.py", line 530, in do_modify
(2018-01-26 11:49:24.020064)     udm_obj.modify(ignore_license=1)
(2018-01-26 11:49:24.020077)   File "/usr/lib/pymodules/python2.7/univention/admin/handlers/__init__.py", line 526, in modify
(2018-01-26 11:49:24.020088)     dn = self._modify(modify_childs, ignore_license=ignore_license, response=response)
(2018-01-26 11:49:24.020100)   File "/usr/lib/pymodules/python2.7/univention/admin/handlers/__init__.py", line 1074, in _modify
(2018-01-26 11:49:24.020110)     self.lo.modify(self.dn, ml, ignore_license=ignore_license, serverctrls=serverctrls, response=response)
(2018-01-26 11:49:24.020121)   File "/usr/lib/pymodules/python2.7/univention/admin/uldap.py", line 505, in modify
(2018-01-26 11:49:24.020131)     raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg)
(2018-01-26 11:49:24.020141) univention.admin.uexceptions.ldapError: Object class violation: no structural object class provided

The modlist is:
[('ucsschoolHomeShareFileServer', '', 'cn=master120,cn=dc,cn=computers,dc=dev,dc=local'), ('ucsschoolClassShareFileServer', '', 'cn=master120,cn=dc,cn=computers,dc=dev,dc=local'), ('objectClass', ['ucsschoolOrganizationalUnit', 'top', 'univentionObject', 'organizationalUnit'], ['ucsschoolOrganizationalUnit', 'univentionObject'])]

univention-check-join-status says:
Warning: 'ucsschool-ldap-acls-master' is not configured.

Re-executing doesn't help.

join.log contains:
Waiting for activation of the extension object 65ucsschool:.....................................................ERROR: Master did not mark the extension object active within 180 seconds.

listener.log contains:
28.01.18 20:02:20.608  LISTENER    ( PROCESS ) : updating 'cn=65ucsschool,cn=ldapacl,cn=univention,dc=dev,dc=local' command a
28.01.18 20:02:25.519  LISTENER    ( ERROR   ) : ldap_extension: slapd.conf validation failed:
5a6e1e41 /etc/ldap/slapd.conf: line 496: unknown attr "@ucsschoolOrganizationalUnit" in to clause
Comment 1 Florian Best univentionstaff 2018-01-30 14:26:05 CET
Strange error. I get the same traceback when fixing the joinscript manually:

# cat /etc/univention/templates/info/ldapacl_65ucsschool.info
Type: multifile
Multifile: etc/ldap/slapd.conf

Type: subfile
Multifile: etc/ldap/slapd.conf
Subfile: etc/ldap/slapd.conf.d/65ucsschool
# cp /usr/share/ucs-school-ldap-acls-master/65ucsschool /etc/univention/templates/files/etc/ldap/slapd.conf.d/
# ucr commit /etc/ldap/slapd.conf
# service slapd restart

→ slapd start works then, error persists.
Comment 2 Florian Best univentionstaff 2018-01-30 15:58:40 CET
The traceback was caused by Bug #45842 and has been fixed there:

The UCS@school lib removed all other options from the containers/ou object.

        def _alter_udm_obj(self, udm_obj):
                udm_obj.options = ['UCSschool-School-OU']
                return super(School, self)._alter_udm_obj(udm_obj)

udm_obj.options.append('UCSschool-School-OU') should be used instead, because it would unset other extended options for OU's as well.
Comment 3 Daniel Tröder univentionstaff 2018-02-27 09:14:45 CET
[4.3 6c8a1ea2] Bug #46194: append instead of replace school-OU option
[4.2 b3380003] Bug #46194: append instead of replace school-OU option
[4.2 1ecadbfc] Bug #46194: advisory

ucs-school-lib (10.0.2-13)
ucs-school-lib (11.0.1-5)
Comment 4 Sönke Schwardt-Krummrich univentionstaff 2018-03-02 14:07:22 CET
OK: code change
OK: functional change
OK: tests
OK: changelog entry
OK: advisory
OK: changes merged to 4.2-3 and 4.3-0
OK: package built
Comment 5 Sönke Schwardt-Krummrich univentionstaff 2018-03-14 13:11:58 CET
UCS@school 4.3 v1 has been released.


If this error occurs again, please clone this bug.
Comment 6 Sönke Schwardt-Krummrich univentionstaff 2018-05-02 17:53:17 CEST
(Changes have been made with this bug number for 4.2 and 4.3)

UCS@school 4.2 v9 has been released.


If this error occurs again, please clone this bug.