Univention Bugzilla – Bug 55506
POST /school" does not work on singleserver
Last modified: 2023-05-26 10:49:19 CEST
System info: ``` root@ucs-1868:~# univention-app info UCS: 5.0-2 errata515 Installed: cups=2.2.1 samba4=4.16 squid=3.5 ucsschool=5.0 v3 4.4/ucsschool-kelvin-rest-api=1.8.1 4.4/ucsschool-veyon-proxy=4.7.4.14-0 Upgradable: ``` VM IP: 10.200.68.5 (`ssh skurup "virsh start cgarcia_school_singlemaster_68.5"`) Sanpshot of the bug: `bug_create_school_singleserver` Kelvin call: ``` curl -X 'POST' \ 'http://10.200.68.5/ucsschool/kelvin/v1/schools/' \ -H 'accept: application/json' \ -H "Authorization: Bearer $TOKEN" \ -H 'Content-Type: application/json' \ -d '{ "name": "string" }' ``` Response from Kelvin(400): ``` { "detail": "Failed to create school 'string': [HTTP 400]: for operation 'get' on 'computers/domaincontroller_slave' with arguments {'dn': 'cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet'}: Bad Request" } ``` Response from UDM (400): ``` root@ucs-1868:~# curl -u Administrator:univention "http://localhost/univention/udm/computers/domaincontroller_slave/cn=ucs-1868, cn=dc,cn=computers,dc=test,dc=intranet" <!DOCTYPE html> <html> <head> <title>HTTP-Error 400: </title> <meta content="text/html; charset=utf-8" http-equiv="content-type"> <link href="http://localhost/univention/udm/computers/domaincontroller_slave/cn%3Ducs-1868%2Ccn%3Ddc%2Ccn%3Dcomputers%2Cdc%3Dtest%2Cdc%3Dintranet" rel="self" title="HTTP-Error 400: "> <link href="http://localhost/univention/udm/css/style.css" rel="stylesheet"> </head> <body dir="ltr"> <header> <nav> <h1 id="logo"> <a href="http://localhost/" rel="home"> </a> </h1> <a href="http://localhost/univention/udm/computers/domaincontroller_slave/cn%3Ducs-1868%2Ccn%3Ddc%2Ccn%3Dcomputers%2Cdc%3Dtest%2Cdc%3Dintranet" rel="self" title="HTTP-Error 400: ">›› HTTP-Error 400: </a> </nav> </header> <nav> <ul></ul> </nav> <main> <div> <h1>HTTP-Error 400: </h1> <p style="white-space: pre">The object type of this object differs from the specified object type. cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet is not recognized as computers/domaincontroller_slave.</p> </div> </main> </body> ``` Kelvin traceback: ``` 19.12.22 07:41:30 INFO ( 589) : 200 GET /udm/groups/group/cn=OUtestou7219-DC-Verwaltungsnetz,cn=ucsschool,cn=groups,dc=test,dc=intranet (127.0.0.1) 16.26ms 19.12.22 07:41:30 ERROR ( 1347) : Uncaught exception 3dc61d5b89: GET /udm/computers/domaincontroller_slave/cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet (0.0.0.0) HTTPServerRequest(protocol='http', host='ucs-1868.test.intranet', method='GET', uri='/udm/computers/domaincontroller_slave/cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet', version='HTTP/1.1', remote_ip='0.0.0.0') Traceback (most recent call last): File "/usr/lib/python3/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 719, in get obj = self.module.object(None, ldap_connection, None, ldap_dn, superordinate, attributes=attributes) File "/usr/lib/python3/dist-packages/univention/admin/handlers/computers/__base.py", line 72, in __init__ univention.admin.handlers.simpleComputer.__init__(self, co, lo, position, dn, superordinate, attributes) File "/usr/lib/python3/dist-packages/univention/admin/handlers/__init__.py", line 1917, in __init__ simpleLdap.__init__(self, co, lo, position, dn, superordinate, attributes) File "/usr/lib/python3/dist-packages/univention/admin/handlers/__init__.py", line 229, in __init__ raise univention.admin.uexceptions.wrongObjectType('%s is not recognized as %s.' % (self.dn, self.module)) univention.admin.uexceptions.wrongObjectType: cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet is not recognized as computers/domaincontroller_slave. During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/tornado/web.py", line 1592, in _execute result = yield result File "/usr/lib/python3/dist-packages/tornado/gen.py", line 1133, in run value = future.result() File "/usr/lib/python3/dist-packages/univention/admin/rest/module.py", line 3063, in get module, obj = await self.pool_submit(self.get_module_object, object_type, dn) File "/usr/lib/python3/dist-packages/tornado/gen.py", line 1141, in run yielded = self.gen.throw(*exc_info) File "/usr/lib/python3/dist-packages/univention/admin/rest/module.py", line 396, in pool_submit return (yield future) File "/usr/lib/python3/dist-packages/tornado/gen.py", line 1133, in run value = future.result() File "/usr/lib/python3.7/concurrent/futures/_base.py", line 425, in result return self.__get_result() File "/usr/lib/python3.7/concurrent/futures/_base.py", line 384, in __get_result raise self._exception File "/usr/lib/python3.7/concurrent/futures/thread.py", line 57, in run result = self.fn(*self.args, **self.kwargs) File "/usr/lib/python3/dist-packages/univention/admin/rest/module.py", line 494, in get_module_object obj = module.get(dn) File "/usr/lib/python3/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 731, in get UDM_Error(exc).reraise() File "/usr/lib/python3/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 366, in reraise six.reraise(self.__class__, self, self.exc_info[2]) File "/usr/lib/python3/dist-packages/six.py", line 692, in reraise raise value.with_traceback(tb) File "/usr/lib/python3/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 719, in get obj = self.module.object(None, ldap_connection, None, ldap_dn, superordinate, attributes=attributes) File "/usr/lib/python3/dist-packages/univention/admin/handlers/computers/__base.py", line 72, in __init__ univention.admin.handlers.simpleComputer.__init__(self, co, lo, position, dn, superordinate, attributes) File "/usr/lib/python3/dist-packages/univention/admin/handlers/__init__.py", line 1917, in __init__ simpleLdap.__init__(self, co, lo, position, dn, superordinate, attributes) File "/usr/lib/python3/dist-packages/univention/admin/handlers/__init__.py", line 229, in __init__ raise univention.admin.uexceptions.wrongObjectType('%s is not recognized as %s.' % (self.dn, self.module)) univention.management.console.modules.udm.udm_ldap.UDM_Error: The object type of this object differs from the specified object type. cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet is not recognized as computers/domaincontroller_slave. 19.12.22 07:41:30 WARNING ( 1347) : 400 3dc61d5b89: GET /udm/computers/domaincontroller_slave/cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet (0.0.0.0) 21.41ms 19.12.22 07:41:30 WARNING ( 589) : 400 GET /udm/computers/domaincontroller_slave/cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet (127.0.0.1) 24.52ms ```
``` root@ucs-1868:~# ucr get ucsschool/singlemaster true ``` In both the host (primary) and the Kelvin container.
what does univention-ldapsearch -LLLb 'cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet' say?
(In reply to Florian Best from comment #2) > what does > univention-ldapsearch -LLLb > 'cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet' > say? ``` root@ucs-1868:~/kelvin-rest-api-client# univention-ldapsearch -LLLb 'cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet' dn: cn=ucs-1868,cn=dc,cn=computers,dc=test,dc=intranet krb5MaxLife: 86400 krb5MaxRenew: 604800 krb5KDCFlags: 126 krb5KeyVersionNumber: 1 uidNumber: 2001 krb5Key:: MEmhEzARoAMCAQGhCgQIGtUZaFJP2UyiMjAwoAMCAQOhKQQnVEVTVC5JTlRSQU5FVGhvc3R1Y3MtMTg2OC50ZXN0LmludHJhbmV0 krb5Key:: MEmhEzARoAMCAQOhCgQIGtUZaFJP2UyiMjAwoAMCAQOhKQQnVEVTVC5JTlRSQU5FVGhvc3R1Y3MtMTg2OC50ZXN0LmludHJhbmV0 krb5Key:: MEmhEzARoAMCAQKhCgQIGtUZaFJP2UyiMjAwoAMCAQOhKQQnVEVTVC5JTlRSQU5FVGhvc3R1Y3MtMTg2OC50ZXN0LmludHJhbmV0 krb5Key:: MGGhKzApoAMCARKhIgQg0MBDbIsHNb529N5SfV7dXB3pSZLHXDIlC4USlflsqt6iMjAwoAMCAQOhKQQnVEVTVC5JTlRSQU5FVGhvc3R1Y3MtMTg2OC50ZXN0LmludHJhbmV0 krb5Key:: MFGhGzAZoAMCARGhEgQQsRNJcF6WUzZvLV6KLJEQp6IyMDCgAwIBA6EpBCdURVNULklOVFJBTkVUaG9zdHVjcy0xODY4LnRlc3QuaW50cmFuZXQ= krb5Key:: MFmhIzAhoAMCARChGgQYdXoxhoBMdhWtB+DlOyyutn/mRkz9FiBMojIwMKADAgEDoSkEJ1RFU1QuSU5UUkFORVRob3N0dWNzLTE4NjgudGVzdC5pbnRyYW5ldA== krb5Key:: MFGhGzAZoAMCARehEgQQPs0coA2J1ClXEboK2LM/C6IyMDCgAwIBA6EpBCdURVNULklOVFJBTkVUaG9zdHVjcy0xODY4LnRlc3QuaW50cmFuZXQ= userPassword:: e2NyeXB0fSQ2JC92Q0RqQ2gybWFUdGNSZ1ckWE1WcE1zbERCYjRxMDdIcmRzcWtnQjA1dGdpeTZlcUJiZDB2UTJ3dUQxb0pIRHJaMXd4VzFDL1FSL3FQeTA1ME1EWjJ0MC9GN2lOWUtnUkZ0eG1BRS8= sambaNTPassword: 3ECD1CA00D89D4295711BA0AD8B33F0B sambaAcctFlags: [S ] displayName: ucs-1868 univentionServerRole: master aRecord: 10.200.68.5 sn: ucs-1868 cn: ucs-1868 associatedDomain: test.intranet homeDirectory: /dev/null loginShell: /bin/sh uid: ucs-1868$ krb5PrincipalName: host/ucs-1868.test.intranet@TEST.INTRANET univentionObjectType: computers/domaincontroller_master gidNumber: 5005 univentionOperatingSystem: Univention Corporate Server univentionNagiosEnabled: 1 objectClass: posixAccount objectClass: univentionNagiosHostClass objectClass: univentionObject objectClass: person objectClass: krb5Principal objectClass: sambaSamAccount objectClass: top objectClass: shadowAccount objectClass: univentionHost objectClass: krb5KDCEntry objectClass: univentionDomainController objectClass: ucsschoolServer univentionOperatingSystemVersion: 5.0-2 sambaSID: S-1-5-21-1168332164-926753259-1399136823-1000 shadowLastChange: 19343 sambaPwdLastSet: 1671270990 sambaPrimaryGroupSID: S-1-5-21-1168332164-926753259-1399136823-1110 univentionService: LDAP univentionService: Univention Directory Manager REST univentionService: NFS univentionService: DNS univentionService: univention-saml univentionService: Univention Management Console univentionService: UCS Monitoring univentionService: PROXY univentionService: Samba 4 univentionService: S4 Connector univentionService: Print univentionService: UCS@school univentionService: UCS@school Education ucsschoolRole: dc_master:school:- ucsschoolRole: single_master:school:- ucsschoolRole: single_master:school:DEMOSCHOOL ucsschoolRole: single_master:school:test ucsschoolRole: single_master:school:string ```
So this is a domaincontroller master object but Kelvin tries to treat it as domaincontroller slave.
Additionally, this might happen in multiserver domains after running the tests. I fear that some test might affect the computer object leaving it in a bad state. I go this error from a Jenkins run: ``` auth_header = {'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOnsidXNlcm5hbWUiOiJBZG1pbmlzdHJhdG9yIiwia2VsdmluX2FkbWluIjp0cnVlLCJzY2hvb2xzIjpbXSwicm9sZXMiOltdfSwiZXhwIjoxNjcxNTYxMDkwfQ.CktfyVYmuZu7TDhiUU5LTv1uJ90wFSa7lTEK_iCzu08'} docker_host_name = 'primary.school.test' random_school_create_model = <class 'conftest.SchoolCreateModelFactory'> schedule_delete_ou_using_ssh = <function schedule_delete_ou_using_ssh.<locals>._func at 0x7fa8f3afc430> @pytest.mark.asyncio async def test_create_udm_error_forwarding( auth_header, docker_host_name, random_school_create_model, schedule_delete_ou_using_ssh, ): school_create_model: SchoolCreateModel = random_school_create_model() attrs = school_create_model.dict() attrs["udm_properties"] = {"description": "DESCRIPTION", "userPath": "_xxx"} schedule_delete_ou_using_ssh(school_create_model.name, docker_host_name) client = TestClient(app, base_url="http://test.server") response = client.post( app.url_path_for("school_create"), headers={"Content-Type": "application/json", **auth_header}, json=attrs, ) > assert response.status_code == 422, response.json() E AssertionError: {'detail': "Failed to create school 'db-55': [HTTP 400]: for operation 'get' on 'computers/domaincontroller_slave' with arguments {'dn': 'cn=primary,cn=dc,cn=computers,dc=school,dc=test'}: Bad Request"} E assert 400 == 422 E +400 E -422 attrs = {'administrative_servers': ['admdb-55'], 'class_share_file_server': 'admdb-55', 'display_name': 'displ name db-55', 'educational_servers': ['edudb-55'], ...} auth_header = {'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOnsidXNlcm5hbWUiOiJBZG1pbmlzdHJhdG9yIiwia2VsdmluX2FkbWluIjp0cnVlLCJzY2hvb2xzIjpbXSwicm9sZXMiOltdfSwiZXhwIjoxNjcxNTYxMDkwfQ.CktfyVYmuZu7TDhiUU5LTv1uJ90wFSa7lTEK_iCzu08'} client = <starlette.testclient.TestClient object at 0x7fa8f456f0a0> docker_host_name = 'primary.school.test' random_school_create_model = <class 'conftest.SchoolCreateModelFactory'> response = <Response [400 Bad Request]> schedule_delete_ou_using_ssh = <function schedule_delete_ou_using_ssh.<locals>._func at 0x7fa8f3afc430> school_create_model = SchoolCreateModel(udm_properties={}, name='db-55', display_name='displ name db-55', educational_servers=['edudb-55'], administrative_servers=['admdb-55'], class_share_file_server='admdb-55', home_share_file_server='admdb-55') tests/test_route_school.py:241: AssertionError ```