When upgrading from UCS 5.1 to 5.2, a slapadd from backup.ldif fails with the following traceback. slapd (2.5.13+dfsg-5A~5.2.0.202501141029) wird eingerichtet ... Neue Version der Konfigurationsdatei /etc/ldap/schema/README wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/collective.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/corba.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/core.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/core.schema wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/cosine.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/cosine.schema wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/duaconf.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/dyngroup.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/dyngroup.schema wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/inetorgperson.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/java.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/misc.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/misc.schema wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/nis.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/nis.schema wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/openldap.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/openldap.schema wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/pmi.ldif wird installiert ... Neue Version der Konfigurationsdatei /etc/ldap/schema/pmi.schema wird installiert ... Multifile: /etc/ldap/slapd.conf File: /etc/init.d/slapd Backing up /etc/ldap/slapd.conf in /var/backups/slapd-2.4.57+dfsg-3+deb11u1A~5.1.0.202501151832... done. Moving old database directories to /var/backups: - directory cn=internal... done. - directory cn=translog... done. - directory dc=dde001826,dc=com... done. Loading from /var/backups/slapd-2.4.57+dfsg-3+deb11u1A~5.1.0.202501151832: - directory cn=internal... done. - chowning database directory (openldap:openldap)... done - directory cn=translog... failed. Loading the database from the LDIF dump failed with the following error while running slapadd: /usr/lib/python3/dist-packages/requests/__init__.py:87: RequestsDependencyWarning: urllib3 (1.26.5) or chardet (5.1.0) doesn't match a supported version! warnings.warn("urllib3 ({}) or chardet ({}) doesn't match a supported " <= str2entry NULL (smr_normalize reqDN 21) slapadd: could not parse entry (line=14068) Stopping slapd (via systemctl): slapd.serviceESC[0;1;38;5;185mWarning: The unit file, source configuration file or drop-ins of slapd.service changed on disk. Run 'systemctl daemon-reload' to reload units.ESC[0m . Removing obsolete conffile /etc/ldap/schema/ppolicy.schema ... Removing obsolete conffile /etc/ldap/schema/ppolicy.ldif ... Multifile: /etc/ldap/slapd.conf File: /etc/init.d/slapd As a result, the LDAP cannot be accessed during the upgrade and the respective join scripts cannot be executed due to invalid credentials. The system is thus completely destroyed and the upgrade cannot be continued. I would therefore classify the bug as critical.
dn: reqSession=10297,cn=translog objectClass: auditObject reqDN: univentionCorporateClientSessionName=Windows Terminal Server,cn=Sessi on,cn=UCC,cn=univention,dc=ucs50domain,dc=net reqStart: 20190226133643Z reqSession: 10297 reqType: a structuralObjectClass: auditObject entryUUID: eac1250a-ce0e-1038-9bb4-3f5bbcff5eff creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth createTimestamp: 20190226123643Z entryCSN: 20190226123643.418719Z#000000#000#000000 modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth modifyTimestamp: 20190226123643Z
We've added a pre-update-check to * pre-update-checks-5.2-0 in https://updates.software-univention.de/download/univention-update-checks/ * preup.sh in https://updates.software-univention.de/dists/ucs510/ * and also in https://updates.software-univention.de/dists/ucs520/ And we created a script and helpdesk-article to get out of that situation: * https://help.univention.com/t/ucs-update-fails-with-verify-translog-schema/23981
5.1-0 ----- univention-updater (16.0.40) e0faafafa979 | Bug #58045: Added new pre update check to verify translog 5.2-0 ----- univention-updater (17.0.33) 3d26cec7994b | Bug #58045: Added new pre update check to verify translog 5.2-1 ----- univention-updater (17.0.34-3) caa7e53b2607 | Bug #58045: Added new pre update check to verify translog