Bug 35208

Summary: add ldap server option to univention-policy-update-config-registry.py
Product: UCS Reporter: Felix Botner <botner>
Component: univention-base-filesAssignee: Jannik Ahlers <ahlers>
Status: CLOSED FIXED QA Contact: Arvid Requate <requate>
Severity: normal    
Priority: P5 CC: ahlers, best, peichert, sieverdingbeck
Version: UCS 4.3Flags: best: Patch_Available+
Target Milestone: UCS 4.4-0-errata   
Hardware: Other   
OS: Linux   
See Also: https://forge.univention.org/bugzilla/show_bug.cgi?id=49044
What kind of report is it?: Feature Request What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?: Yes
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:
Attachments: add-ldap-server-option.patch

Description Felix Botner univentionstaff 2014-06-27 12:45:08 CEST 
We need an optional option -l|--ldap-server in univention-policy-update-config-registry.py in order to define the ldap server to look for policies (default ldap/server -> local ldap).
Comment 1 Felix Botner univentionstaff 2014-06-27 12:46:17 CEST 
Created attachment 5976 [details]
add-ldap-server-option.patch
Comment 2 Florian Best univentionstaff 2017-06-28 14:52:49 CEST 
There is a Customer ID set so I set the flag "Enterprise Customer affected".
Comment 3 Jannik Ahlers univentionstaff 2019-03-14 11:06:12 CET 
I applied the patch Felix made.

Successful build
Package: univention-base-files
Version: 8.0.0-3A~4.4.0.201903141103
Branch: ucs_4.4-0
Scope: errata4.4-0

7d48096 Bug #35208: yaml
d880a03 Bug #35208: changelog
6faa4b1 Bug #35208: added ldap server option to script univention-policy-update-config-registry.py
Comment 4 Arvid Requate univentionstaff 2019-03-14 16:10:54 CET 
root@master10:~# /usr/lib/univention-directory-policy/univention-policy-update-config-registry -l something
could not open policy for cn=master10,cn=dc,cn=computers,dc=ar41i1,dc=qa
Comment 5 Arvid Requate univentionstaff 2019-03-14 16:15:42 CET 
Looking at the code it might be difficult to add a better error message, what do you think? I would be ok with the code as it is.
Comment 6 Jannik Ahlers univentionstaff 2019-03-14 16:33:29 CET 
There has been a better error message in the past, but it has been deactivated for some reason:

if proc.wait() != 0:
	# no output: this script is called by cron
	# print 'WARN: univention_policy_result failed - LDAP server may be down'

git blame doesn't give any meaningful result as to why that is as the code was refactored. I don't want to break anything, so it should stay as it is.
Comment 7 Arvid Requate univentionstaff 2019-03-14 17:04:26 CET 
Verified:
* Code
* Function
* Advisory
Comment 8 Arvid Requate univentionstaff 2019-03-19 14:20:29 CET 
We also need a backport for 4.3-3
Comment 9 Arvid Requate univentionstaff 2019-03-20 11:47:22 CET 
I've simply cloned the bug for 4.3, and will set this back to verified.
Comment 10 Erik Damrose univentionstaff 2019-04-10 14:19:04 CEST 
<http://errata.software-univention.de/ucs/4.4/44.html>