Univention Bugzilla – Bug 53204
Invalid dhcp/host entry with empty univentionDhcpFixedAddress - no IP address returned
Last modified: 2021-05-25 15:59:28 CEST
When editing the DHCP entry through an UDM computer object the "IP address" can be let empty: This is used to mark the computer as "known" by its MAC address, but not assign a STATIC address to it. In that case the computer receives a DYNAMIC address from the "dhcp/pool", which provides the optional to restrict it to only KNOWN hosts. (in contrast to UNKNOWN host which do NOT have any "dhcp/host" address matching their MAC address.) This mechanism is most often used to ONLY provide IP addresses to REGISTERED computers, whose MAC address have been recorded as "dhcp/host" entries. This mechanism is broken is creates an "invalid" LDAP entry, which has the attribute "univentionDhcpFixedAddress", but with no value: # univention-ldapsearch -LLLb cn=ucs22,cn=phahn0.qa,cn=dhcp,dc=phahn0,dc=qa > dn: cn=ucs22,cn=phahn0.qa,cn=dhcp,dc=phahn0,dc=qa > objectClass: top > objectClass: univentionObject > objectClass: univentionDhcpHost > univentionObjectType: dhcp/host > cn: ucs22 > univentionDhcpFixedAddress: > dhcpHWAddress: ethernet 52:54:00:95:dd:7c When this computers then tries to get an IP address the isc-dhcp-server prints an error message and hands out NO address: # journalctl -u isc-dhcp-server > dhcpd[26025]: DHCPDISCOVER from 00:15:65:d4:a3:77 via eth0: network 10.200.17.0/24: no free leases > dhcpd[26025]: LDAP-HOST line 1: ; (59): expecting IP address or hostname > dhcpd[26025]: fixed-address ; > dhcpd[26025]: ^ This is triggered by our patch patches/isc-dhcp/5.0-0-0-ucs/4.4.1-2/28_ldap_oc.quilt which generates "fixed-address %s;" for each attribute "ipHostNumber" and "univentionDhcpFixedAddress", even when they are empty. Fix === There are two things to fix: 1. Our patch should not generate those statements when the value is empty. 2. UDM should not generate empty attributes, but remove them completely. Reproducer ========== ``` LB="$(ucr get ldap/base)" UNIQUE='42' udm dhcp/service create --set service="dhcp$UNIQUE" udm computers/ipmanagedclient create --set name="host$UNIQUE" --set mac=00:11:22:33:44:55 --set dhcpEntryZone="\"cn=dhcp$UNIQUE,$LB\" \"00:11:22:33:44:55\"" univention-ldapsearch -LLLb "cn=dhcp$UNIQUE,$LB" "(cn=host$UNIQUE)" ``` +++ This bug was initially created as a clone of Bug #24668 +++
[5.0-0] cccd2bdb24 fix[udm]: Fix creating dhcp/host entry without IP doc/changelog/changelog-5.0-0.xml | 5 +++- .../univention-directory-manager-modules/debian/changelog | 7 +++++ .../modules/univention/admin/handlers/__init__.py | 20 +++++++------ test/ucs-test/tests/66_udm-computers/59_remove_ipv6_ptr | 45 +++++++++++++--------------- test/ucs-test/tests/66_udm-computers/60_create_empty_dhcp | 46 +++++++++++++++++++++++++++++ 5 files changed, 89 insertions(+), 34 deletions(-) Package: univention-directory-manager-modules Version: 15.0.10-2A~5.0.0.202105041225 Package: ucs-test Version: 10.0.5-13A~5.0.0.202105041227 OK: /usr/share/ucs-test/66_udm-computers/59_remove_ipv6_ptr OK: /usr/share/ucs-test/66_udm-computers/60_create_empty_dhcp -vf
For completeness I also patched "isc-dchp" to no longer generate invalid statements. It alone is not enough as an old UCS-4 does still create those invalid entries, which the UDM part fixed. r19367 | fix[dhcp]: Skip empty univentionDhcpFixedAddress Package: isc-dhcp Version: 4.4.1-2A~5.0.0.202105041300 OK: I already did QA for this during DNS/DHCP PT for UCS 5.0-0
OK: creating computer without DHCP-IP-Address OK: opening computer without DHCP-IP-Address in UMC OK: opening computer without DHCP-IP-Address in UDM-CLI OK: opening computer without DHCP-IP-Address in UDM-REST-API OK: isc-dhcp patch OK: changelog entry
UCS 5.0 has been released: https://docs.software-univention.de/release-notes-5.0-0-en.html https://docs.software-univention.de/release-notes-5.0-0-de.html If this error occurs again, please use "Clone This Bug".