Bug 56938 – Code 502 when opening "Passwords (teachers)" in UMC, ModuleProcess: child 4622 (schoolusers) exited with -6 (SIGABRT)

Bug 56938 - Code 502 when opening "Passwords (teachers)" in UMC, ModuleProcess: child 4622 (schoolusers) exited with -6 (SIGABRT)


Summary:	Code 502 when opening "Passwords (teachers)" in UMC, ModuleProcess: child 462...

Status:	CLOSED FIXED

Product:	UCS@school
Classification:	Unclassified
Component:	UMC - Password reset
Version:	UCS@school 5.0
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS@school 5.0 v4-errata
Assigned To:	Johannes Königer
QA Contact:	Carlos García-Mauriño

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2023-12-22 22:02 CET by Wolfgang Bayrhof
Modified:	2024-01-17 14:03 CET (History)
CC List:	12 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?:	4: Will affect most installed domains
How will those affected feel about the bug?:	4: A User would return the product
User Pain:	0.457
Enterprise Customer affected?:
School Customer affected?:	Yes
ISV affected?:
Waiting Support:	Yes
Flags outvoted (downgraded) after PO Review:
Ticket number:	2023122021000241, 2023122921000109, 2024010421000111, 2024010421000184, 2024010821000113, 2024010921000291, 2024011121000331, 2024011521000467, 2024010521000119, 2024011721000196
Bug group (optional):	Regression
Max CVSS v3 score:

Attachments
screenshot showing the 502 error (42.26 KB, image/jpeg) 2023-12-22 22:02 CET, Wolfgang Bayrhof	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Wolfgang Bayrhof

2023-12-22 22:02:01 CET

Created attachment 11168 [details]
screenshot showing the 502 error

Schooladmins get status code 502 when they try to open "Passwords (teachers)" in UMC and are not able to reset passwords of teachers. After clicking OK, only an empty list appears.

Please see the attached screenshot with the error message: "An unknown error with status code 502 occurred while connecting to the server, please try again later."

The management-console-server.log (debug-level 4) shows this:

22.12.23 18:59:34.694  MAIN        ( ALL     ) : reset_timeout(): new session expiration in 28799 seconds
22.12.23 18:59:34.700  MAIN        ( ALL     ) : reset_timeout(): new session expiration in 28799 seconds
22.12.23 18:59:34.700  MAIN        ( ALL     ) : reset_timeout(): new session expiration in 28799 seconds
22.12.23 18:59:34.702  RESOURCES   ( INFO    ) : Searching for module providing command schoolusers/schools
22.12.23 18:59:34.702  RESOURCES   ( INFO    ) : Found module schoolusers
22.12.23 18:59:34.702  MAIN        ( INFO    ) : Checking ACLs for schoolusers/schools (schoolusers)
22.12.23 18:59:34.706  MAIN        ( INFO    ) : Starting new module process schoolusers
22.12.23 18:59:34.707  MAIN        ( PROCESS ) : running: /usr/bin/python3 /usr/sbin/univention-management-console-module -m schoolusers -s /run/univention-management-console/4578-schoolusers-1703267974707-3fbcaae2-1c3e-4fa5-.socket -d 4 -l en_US.UTF-8
22.12.23 18:59:34.716  MAIN        ( INFO    ) : Passing request to module schoolusers
22.12.23 18:59:35.523  MAIN        ( ALL     ) : Received response 200
22.12.23 18:59:35.578  MAIN        ( ALL     ) : reset_timeout(): new session expiration in 28799 seconds
22.12.23 18:59:35.579  RESOURCES   ( INFO    ) : Searching for module providing command schoolusers/groups
22.12.23 18:59:35.579  RESOURCES   ( INFO    ) : Found module schoolusers
22.12.23 18:59:35.579  MAIN        ( INFO    ) : Checking ACLs for schoolusers/groups (schoolusers)
22.12.23 18:59:35.583  MAIN        ( INFO    ) : Passing request to module schoolusers
22.12.23 18:59:35.593  MAIN        ( ALL     ) : Received response 200
22.12.23 18:59:35.658  MAIN        ( ALL     ) : reset_timeout(): new session expiration in 28799 seconds
22.12.23 18:59:35.659  RESOURCES   ( INFO    ) : Searching for module providing command schoolusers/query
22.12.23 18:59:35.659  RESOURCES   ( INFO    ) : Found module schoolusers
22.12.23 18:59:35.659  MAIN        ( INFO    ) : Checking ACLs for schoolusers/query (schoolusers)
22.12.23 18:59:35.664  MAIN        ( INFO    ) : Passing request to module schoolusers
22.12.23 18:59:35.686  MAIN        ( PROCESS ) : ModuleProcess: child 4622 (schoolusers) exited with -6 (SIGABRT)
22.12.23 18:59:35.686  MAIN        ( WARN    ) : Reaching module failed: HTTP 599: Unknown
22.12.23 18:59:35       ERROR      (     4578) : 502 POST /univention/command/schoolusers/query (127.0.0.1) 31.91ms


The error is reproducible with:
UCS: 5.0-6 errata904
Installed: cups=2.2.1 samba4=4.16 squid=3.5 ucsschool=5.0 v4 4.4/ucsschool-veyon-proxy=4.7.4.14-0
Upgradable:

Comment 3 Daniel Tröder

2024-01-02 08:32:51 CET

The "free(): double free detected in tcache 2" is a bug in the C-library. That is very problematic and should be communicated upstream.

But it can be avoided by using the library correctly.

The "attr" argument tells the LDAP library & server which attributes should be included in the return list.
It is supposed to be a list of strings, not a dictionary!
It should look like this:
```
attr = ['uid', 'givenName', 'sn']
```
Please try the above code with this "attr" argument.

Comment 5 Johannes Königer

2024-01-02 09:30:56 CET

Yeah, I see it now - it _is_ a regression due to the resolution of Bug #50231:

https://git.knut.univention.de/univention/ucsschool/-/blob/993587c5fbbfdabdb6fe6446bce84d0907d40506/ucs-school-lib/modules/ucsschool/lib/school_umc_base.py#L371-387

The local variable `attr` gets overwritten by the loop...

Patch:
```
diff --git a/ucs-school-lib/modules/ucsschool/lib/school_umc_base.py b/ucs-school-lib/modules/ucsschool/lib/school_umc_base.py
index f51529ed4..13a127c1d 100644
--- a/ucs-school-lib/modules/ucsschool/lib/school_umc_base.py
+++ b/ucs-school-lib/modules/ucsschool/lib/school_umc_base.py
@@ -383,8 +383,8 @@ class SchoolBaseModule(Base):
                 )
                 # Bug #50231 prevent crashing
                 # previous list extend needs to be reformatted
-                for dn, attr in ldap_connection.search(filter=filter_s, attr=attr):
-                    users.append({"dn": dn, "attrs": attr})
+                for dn, _attr in ldap_connection.search(filter=filter_s, attr=attr):
+                    users.append({"dn": dn, "attrs": _attr})
         return user
```

Comment 6 Daniel Tröder

2024-01-02 10:41:11 CET

It seems like there is a missing test that covers that branch.
... no actually, there is one: 04_ucs-school-reset-password-non-school-member.py
Please check, why that test didn't trigger or detect the error in this bug report.

Comment 8 Johannes Königer

2024-01-03 12:59:24 CET

Fix has been merged and built:

Package: ucs-school-lib
Version: 13.0.43

Comment 9 Johannes Königer

2024-01-04 14:54:44 CET

Errata updates for UCS@school 5.0 v4 have been released.

https://docs.software-univention.de/ucsschool-changelog/5.0v4/en/changelog.html
https://docs.software-univention.de/ucsschool-changelog/5.0v4/de/changelog.html

If this error occurs again, please clone this bug.

Comment 10 Johannes Königer

2024-01-07 11:18:58 CET

> The "free(): double free detected in tcache 2" is a bug in the C-library.
> That is very problematic and should be communicated upstream.

Reported the `python-ldap` C extension bug with https://github.com/python-ldap/python-ldap/issues/556 and provided a possible fix with https://github.com/python-ldap/python-ldap/pull/555

(In reply to Daniel Tröder from comment #3)

Comment 11 Mirac Erdemiroglu

2024-01-08 08:52:30 CET

Another customer affected 2024010821000113

Comment 12 Christina Scheinig

2024-01-17 14:03:11 CET

An other customer 2024011721000196 is affected