Univention Bugzilla – Bug 52964
UDM REST API hangs indefinitely at forbidden move operation or trying to move wrong object type
Last modified: 2022-01-18 11:51:56 CET
When creating a UCS@school OU, the following happens: ----------------------------------------------------------------------------- [..] 2021-03-19 17:53:07 INFO base.create_without_hooks:446 Creating DHCPService(name='ou585', school='ou585', dn='cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr') INFO:ucsschool.lib.models.dhcp:Creating DHCPService(name='ou585', school='ou585', dn='cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr') DEBUG:udm_rest_client.base_http:'create' 'dhcp/service' -> udm_dhcp_service_object_create_with_http_info(**{'dhcp_service': {'options': {'options': True}, 'position': 'cn=dhcp,ou=ou585,dc=uni,dc=dtr', 'properties': {'option': ['wpad "http://eduou585.uni.dtr/proxy.pac"'], 'service': 'ou585'}}}) -> DhcpService(None) [201] DEBUG:udm_rest_client.base_http:'get' 'dhcp/service' -> udm_dhcp_service_object_with_http_info(**{'dn': 'cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr'}) -> DhcpService('cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr') [200] 2021-03-19 17:53:07 INFO base.create_without_hooks:478 DHCPService(name='ou585', school='ou585', dn='cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr') successfully created INFO:ucsschool.lib.models.dhcp:DHCPService(name='ou585', school='ou585', dn='cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr') successfully created 2021-03-19 17:53:07 DEBUG dhcp.find_any_dn_with_name:203 Searching first dhcpServer with cn=eduou585 DEBUG:ucsschool.lib.models.dhcp:Searching first dhcpServer with cn=eduou585 2021-03-19 17:53:07 DEBUG dhcp.find_any_dn_with_name:210 ... None found DEBUG:ucsschool.lib.models.dhcp:... None found 2021-03-19 17:53:07 INFO dhcp.add_server:151 No DHCP server named eduou585 found! Creating new one! INFO:ucsschool.lib.models.dhcp:No DHCP server named eduou585 found! Creating new one! 2021-03-19 17:53:07 DEBUG base.get_udm_object:722 Getting DHCPService UDM object by dn: cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr DEBUG:ucsschool.lib.models.dhcp:Getting DHCPService UDM object by dn: cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr DEBUG:udm_rest_client.base_http:'get' 'dhcp/service' -> udm_dhcp_service_object_with_http_info(**{'dn': 'cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr'}) -> DhcpService('cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr') [200] 2021-03-19 17:53:07 DEBUG base.get_only_udm_obj:969 Getting DHCPServer UDM object by filter: server=eduou585 DEBUG:ucsschool.lib.models.dhcp:Getting DHCPServer UDM object by filter: server=eduou585 2021-03-19 17:53:07 INFO base.create_without_hooks:446 Creating DHCPServer(name='eduou585', school='ou585', dn='cn=eduou585,cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr') INFO:ucsschool.lib.models.dhcp:Creating DHCPServer(name='eduou585', school='ou585', dn='cn=eduou585,cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr') 2021-03-19 17:53:07 DEBUG base.get_only_udm_obj:969 Getting DHCPServer UDM object by filter: server=eduou585 DEBUG:ucsschool.lib.models.dhcp:Getting DHCPServer UDM object by filter: server=eduou585 INFO:udm_rest_client.base_http:Moving UdmObject('dhcp/server', 'cn=ou457,cn=dhcp,ou=ou457,dc=uni,dc=dtr') to new position 'cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr'. DEBUG:udm_rest_client.base_http:'modify' 'dhcp/server' -> udm_dhcp_server_object_modify_with_http_info(**{'dhcp_server': {'dn': 'cn=ou457,cn=dhcp,ou=ou457,dc=uni,dc=dtr', 'embedded': None, 'links': {'curies': [{'href': 'https://m20.uni.dtr/univention/udm/relation/{rel}', 'name': 'udm', 'templated': True}], 'describedby': [{'href': 'https://m20.uni.dtr/univention/udm/dhcp/service/cn%3Dou457%2Ccn%3Ddhcp%2Cou%3Dou457%2Cdc%3Duni%2Cdc%3Ddtr', 'method': 'OPTIONS'}], 'edit-form': [{'href': 'https://m20.uni.dtr/univention/udm/dhcp/service/cn%3Dou457%2Ccn%3Ddhcp%2Cou%3Dou457%2Cdc%3Duni%2Cdc%3Ddtr/edit', 'title': 'Modify, move or remove this DHCP service'}], 'icon': [{'href': 'https://m20.uni.dtr/univention/udm/dhcp/service/favicon.ico', 'type': 'image/x-icon'}], 'self': [{'href': 'https://m20.uni.dtr/univention/udm/dhcp/service/cn%3Dou457%2Ccn%3Ddhcp%2Cou%3Dou457%2Cdc%3Duni%2Cdc%3Ddtr', 'title': 'cn=ou457,cn=dhcp,ou=ou457,dc=uni,dc=dtr'}], 'type': [{'href': 'https://m20.uni.dtr/univention/udm/dhcp/service/', 'name': 'dhcp/service', 'title': 'DHCP service'}], 'udm:children-types': [{'href': 'https://m20.uni.dtr/univention/udm/dhcp/service/cn%3Dou457%2Ccn%3Ddhcp%2Cou%3Dou457%2Cdc%3Duni%2Cdc%3Ddtr/children-types/', 'name': 'dhcp/service', 'title': 'Sub object types of DHCP ' 'service'}], 'udm:object-module': [{'href': 'https://m20.uni.dtr/univention/udm/dhcp/', 'name': 'dhcp/dhcp', 'title': 'DHCP services'}], 'udm:object-modules': [{'href': 'https://m20.uni.dtr/univention/udm/', 'title': 'All modules'}], 'udm:object/edit': [{'href': 'https://m20.uni.dtr/univention/udm/dhcp/service/cn%3Dou457%2Ccn%3Ddhcp%2Cou%3Dou457%2Cdc%3Duni%2Cdc%3Ddtr', 'method': 'PUT'}], 'udm:object/remove': [{'href': 'https://m20.uni.dtr/univention/udm/dhcp/service/cn%3Dou457%2Ccn%3Ddhcp%2Cou%3Dou457%2Cdc%3Duni%2Cdc%3Ddtr', 'method': 'DELETE'}], 'up': [{'href': 'https://m20.uni.dtr/univention/udm/dhcp/service/', 'name': 'dhcp/service', 'title': 'DHCP service'}]}, 'object_type': 'dhcp/service', 'options': {'options': True}, 'policies': {'policies_dhcp_boot': [], 'policies_dhcp_dns': [], 'policies_dhcp_dnsupdate': [], 'policies_dhcp_leasetime': [], 'policies_dhcp_netbios': [], 'policies_dhcp_routing': [], 'policies_dhcp_scope': [], 'policies_dhcp_statements': []}, 'position': 'cn=ou585,cn=dhcp,ou=ou585,dc=uni,dc=dtr', 'properties': {'objectFlag': [], 'option': ['wpad "http://eduou457.uni.dtr/proxy.pac"'], 'service': 'ou457', 'statements': []}, 'uri': 'https://m20.uni.dtr/univention/udm/dhcp/service/cn%3Dou457%2Ccn%3Ddhcp%2Cou%3Dou457%2Cdc%3Duni%2Cdc%3Ddtr', 'uuid': 'df175174-1d1d-103b-84aa-55569405e19a'}, 'dn': 'cn=ou457,cn=dhcp,ou=ou457,dc=uni,dc=dtr'}) -> DhcpServer(None) [201] DEBUG:udm_rest_client.base_http:Waiting on move operation since 2.02 seconds... DEBUG:udm_rest_client.base_http:Waiting on move operation since 4.06 seconds... DEBUG:udm_rest_client.base_http:Waiting on move operation since 6.10 seconds... DEBUG:udm_rest_client.base_http:Waiting on move operation since 8.14 seconds... DEBUG:udm_rest_client.base_http:Waiting on move operation since 10.18 seconds... DEBUG:udm_rest_client.base_http:Waiting on move operation since 12.22 seconds... DEBUG:udm_rest_client.base_http:Waiting on move operation since 14.26 seconds... [..] ----------------------------------------------------------------------------- This goes on forever. In the UDM REST API log: ----------------------------------------------------------------------------- 19.03.21 17:53:07 INFO ( 26160) : 201 PUT /udm/dhcp/server/cn=ou457,cn=dhcp,ou=ou457,dc=uni,dc=dtr (0.0.0.0) 5.12ms 19.03.21 17:53:07.768 MODULE ( WARN ) : Failed to move LDAP object cn=ou457,cn=dhcp,ou=ou457,dc=uni,dc=dtr: invalidOperation: Objects of the "dhc p/service" object type can not be moved. 19.03.21 17:53:07 INFO ( 26160) : 301 GET /udm/progress/c96087e6-2da9-41fc-8e63-83d87edec916 (0.0.0.0) 7.16ms 19.03.21 17:53:07 ERROR ( 26160) : Uncaught exception PUT /udm/dhcp/server/cn=ou457,cn=dhcp,ou=ou457,dc=uni,dc=dtr (0.0.0.0) HTTPServerRequest(protocol='http', host='m20.uni.dtr', method='PUT', uri='/udm/dhcp/server/cn=ou457,cn=dhcp,ou=ou457,dc=uni,dc=dtr', version='HTTP/1.1 ', remote_ip='0.0.0.0', headers={'X-Umc-Https': 'on', 'Content-Length': '2468', 'Via': '1.1 m20.uni.dtr', 'Accept-Encoding': 'gzip, deflate', 'X-Forwarded -Host': 'm20.uni.dtr', 'X-Forwarded-For': '172.17.0.1', 'Host': 'm20.uni.dtr', 'Accept': 'application/json', 'User-Agent': 'OpenAPI-Generator/1.0.0/python ', 'Connection': 'close', 'X-Forwarded-Proto': 'https', 'X-Forwarded-Server': 'm20.uni.dtr', 'Content-Type': 'application/json', 'X-Forwarded-Ssl': 'on', 'Authorization': 'Basic Y249YWRtaW46dlFscmhyNkJleVlvNFo0dUo4MXc='}) Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/tornado/web.py", line 1469, in _execute result = yield result File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 1015, in run value = future.result() File "/usr/lib/python2.7/dist-packages/tornado/concurrent.py", line 237, in result raise_exc_info(self._exc_info) File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 1021, in run yielded = self.gen.throw(*exc_info) File "/usr/lib/python2.7/dist-packages/univention/admin/rest/module.py", line 2799, in put yield self.move(module, dn, position) File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 1015, in run value = future.result() File "/usr/lib/python2.7/dist-packages/tornado/concurrent.py", line 237, in result raise_exc_info(self._exc_info) File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 1021, in run yielded = self.gen.throw(*exc_info) File "/usr/lib/python2.7/dist-packages/univention/admin/rest/module.py", line 2955, in move dn = yield self.pool.submit(module.move, dn, position) File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 1015, in run value = future.result() File "/usr/lib/python2.7/dist-packages/concurrent/futures/_base.py", line 398, in result return self.__get_result() File "/usr/lib/python2.7/dist-packages/concurrent/futures/thread.py", line 55, in run result = self.fn(*self.args, **self.kwargs) File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 588, in move UDM_Error(e).reraise() File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 584, in move obj.move(dest) File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 711, in move raise univention.admin.uexceptions.invalidOperation(_('Objects of the "%s" object type can not be moved.') % (self.module,)) UDM_Error: This operation is not allowed on this object. Objects of the "dhcp/service" object type can not be moved. 19.03.21 17:53:08 INFO ( 26160) : 301 GET /udm/progress/c96087e6-2da9-41fc-8e63-83d87edec916 (0.0.0.0) 7.79ms 19.03.21 17:53:09 INFO ( 26160) : 301 GET /udm/progress/c96087e6-2da9-41fc-8e63-83d87edec916 (0.0.0.0) 8.38ms 19.03.21 17:53:10 INFO ( 26160) : 301 GET /udm/progress/c96087e6-2da9-41fc-8e63-83d87edec916 (0.0.0.0) 11.06ms 19.03.21 17:53:11 INFO ( 26160) : 301 GET /udm/progress/c96087e6-2da9-41fc-8e63-83d87edec916 (0.0.0.0) 10.92ms [..] ----------------------------------------------------------------------------- This also continues until I stop the client. The objects in LDAP after that are: ----------------------------------------------------------------------------- root@m20:~# univention-ldapsearch -LLL -b cn=dhcp,ou=ou457,dc=uni,dc=dtr dn univentionObjectType dn: cn=dhcp,ou=ou457,dc=uni,dc=dtr univentionObjectType: container/cn dn: cn=ou457,cn=dhcp,ou=ou457,dc=uni,dc=dtr univentionObjectType: dhcp/service ----------------------------------------------------------------------------- Two things may be a problem here: 1) It is a "dhcp/server" object that should be moved, but the UDM error messages talks about "dhcp/service". 2) The UDM REST API does not handle the Python UDM error. ... ah wait, I see now that 'cn=ou457,cn=dhcp,ou=ou457,dc=uni,dc=dtr' is a "dhcp/service", while the school lib thinks it's a 'dhcp/server'... I'll investigate that after the weekend. But still 2) should be handled more robustly.
Created attachment 10658 [details] patch Patch, which adds error handling to the move operation.
Do you need a workaround? If you access the response of the redirection you'll have a flag errors=True, which you can use as indicator of failure to stop you from further requesting anything.
(In reply to Florian Best from comment #2) > Do you need a workaround? If you access the response of the redirection > you'll have a flag errors=True, which you can use as indicator of failure to > stop you from further requesting anything. Not necessary, thank you. We had an error in the client code: setting a superordinate set the 'dn' attribute of the object to be created. That leads to the UDM REST client thinking the object must already exist and trying a move. Unsetting the 'dn' attribute before starting the create operation made the problem go away.
https://git.knut.univention.de/univention/ucs/-/merge_requests/249