Univention Bugzilla – Bug 48137
PermissionError with correct password
Last modified: 2021-08-12 15:01:33 CEST
Censored traceback without customer data: Interner Server-Fehler in "schoolimport/ping". Request: schoolimport/ping Traceback (most recent call last): File "/usr/lib/pymodules/python2.7/univention/management/console/protocol/modserver.py", line 186, in _recv self.handle(msg) File "/usr/lib/pymodules/python2.7/univention/management/console/protocol/modserver.py", line 296, in handle self.__handler.init() File "/usr/lib/pymodules/python2.7/univention/management/console/modules/schoolimport/__init__.py", line 61, in init self.client = Client(self.username, self.password, log_level=Client.LOG_RESPONSE) File "/usr/lib/pymodules/python2.7/ucsschool/http_api/client.py", line 384, in __init__ setattr(self, cls_name, kls(self)) File "/usr/lib/pymodules/python2.7/ucsschool/http_api/client.py", line 482, in __init__ self.resource_url = self.client.resource_urls[self.resource_name] File "/usr/lib/pymodules/python2.7/ucsschool/http_api/client.py", line 394, in resource_urls self._resource_urls = self.call_api('get', '.') File "/usr/lib/pymodules/python2.7/ucsschool/http_api/client.py", line 473, in call_api raise exc(msg, status_code=response.status_code) PermissionError: Received status_code=403 with reason='Forbidden' for requests.get(**files=None, url=u'', auth=, headers={u'Accept': u'application/json'}, params=None, data=None).
The problem is here: ==> ucs-school-import/gunicorn_error.log <== [2019-03-15 09:31:16 +0000] [4634] [DEBUG] GET /v1/ Traceback (most recent call last): File "_ctypes/callbacks.c", line 315, in 'calling callback function' File "/usr/lib/python2.7/dist-packages/pam.py", line 135, in my_conv cs = c_char_p(password) UnicodeEncodeError: 'ascii' codec can't encode character u'\xa7' in position 2: ordinal not in range(128)
This has been fixed in python-pampy version 1.8.4, which is in buster. In UCS 4.3 we have v 1.8.2 from stretch. I suggest to import 1.8.4 from buster into the ucscschool scope.
I just saw, that python-pampy was moved from unmaintained to maintained in 4.3-1. So I guess it should be updated in 4.3-3-errata and 4.4-0-errata?
As UCS@school 4.3 v7 can be installed on UCS 4.3-0 importing the package into 4.3-3-errata won't be sufficient. I imported it into the ucs@school scope for 4.3 and 4.4. If importing it into UCS is desired, please clone this into another bug. # repo_admin.py -U -r 4.3-0-0 -s ucs-school-4.3 -d buster -p python-pampy # b43-scope ucs-school-4.3 python-pampy # repo_admin.py --cherrypick --release 4.3-0-0 -s ucs-school-4.3 --releasedest 4.4-0-0 --dest ucs-school-4.4 -p python-pampy # cp -v /var/univention/buildsystem2/apt/ucs_4.3-0-ucs-school-4.3/all/python*-pampy_1.8.4-1* /var/univention/buildsystem2/apt/ucs_4.4-0-ucs-school-4.4/all # cp -v /var/univention/buildsystem2/apt/ucs_4.3-0-ucs-school-4.3/source/python-pampy_1.8.4-1* /var/univention/buildsystem2/apt/ucs_4.4-0-ucs-school-4.4/source/ [4.3 5006d3536] Bug #48137: advisory python-pampy (1.8.4-1)
Advisory for 4.4: [4.4 72833c04e] Bug #48137: advisory
I diffed version 1.8.2 and 1.8.4 of python-pampy: - some fixes including the required unicode fix - no API changes Added a new test, that checks for the exception in gunicord_error.log. The test fails with old python-pampy and returns without error if the new version is installed. [4.3] 1efee3551 Bug #48137: add test 303_http-api_auth_test [4.4] 2ed19ac36 Bug #48137: add test 303_http-api_auth_test Package: ucs-test-ucsschool Version: 5.0.4-8A~4.3.0.201903312205 Branch: ucs_4.3-0 Scope: ucs-school-4.3 Package: ucs-test-ucsschool Version: 6.0.0-38A~4.4.0.201903312232 Branch: ucs_4.4-0 Scope: ucs-school-4.4
UCS@school 4.3 v8 has been released. https://docs.software-univention.de/changelog-ucsschool-4.3v8-de.html If this error occurs again, please clone this bug.