Bug 39373

Summary:	ensure uidNumber and gidNumber do not collide when add/mod user or group
Product:	UCS Test	Reporter:	Alexander Kläser <klaeser>
Component:	UDM	Assignee:	Eduard Mai <mai>
Status:	CLOSED FIXED	QA Contact:	Alexander Kläser <klaeser>
Severity:	normal
Priority:	P5	CC:	best, gohmann, mai, meybohm, requate, troeder
Version:	unspecified
Target Milestone:	---
Hardware:	Other
OS:	Linux
See Also:	https://forge.univention.org/bugzilla/show_bug.cgi?id=26383 https://forge.univention.org/bugzilla/show_bug.cgi?id=28999
What kind of report is it?:	---	What type of bug is this?:	---
Who will be affected by this bug?:	---	How will those affected feel about the bug?:	---
User Pain:		Enterprise Customer affected?:
School Customer affected?:		ISV affected?:
Waiting Support:		Flags outvoted (downgraded) after PO Review:
Ticket number:		Bug group (optional):
Max CVSS v3 score:
Bug Depends on:	38796
Bug Blocks:
Attachments:	WIP Implementation

Description Alexander Kläser

2015-09-21 12:24:56 CEST

It would be good to have a test script for this case.

+++ This bug was initially created as a clone of Bug #38796 +++

Ticket#2015052921000512

We should ensure that a uidNumber is not used as gidNumber and vice versa as that may lead to problems with samba4 idmap ldb.

Comment 1 Alexander Kläser

2015-09-21 12:27:13 CEST

AFAIS, it would be good to ensure the following cases:
* Automatic UID should not collide with a GID
* I am not sure what should happen if a colliding UID is specified explicitely

Comment 2 Arvid Requate

2015-09-24 11:54:36 CEST

See also proposal at Bug 26383

Comment 3 Eduard Mai

2015-10-16 17:14:06 CEST

Created attachment 7211 [details]
WIP Implementation

Comment 4 Eduard Mai

2015-10-19 15:43:46 CEST

Added the proposed test to ucs-test. 

UCS4.0-3:
r64583: added the proposed test in 29_user_uidNumber_and_group_gidNumber_collision
Package: ucs-test
Version: 5.0.173-1.1262.201510191522

UCS4.1-0:
r64586: added the proposed test in 29_user_uidNumber_and_group_gidNumber_collision
Package ucs-test
Version: 6.0.9-16.1263.201510191530

Comment 5 Florian Best

2015-10-21 18:11:00 CEST

If there exists a user without uidNumber (because the options posix and samba aren't set) the test fails:

Traceback (most recent call last):
  File "29_user_uidNumber_and_group_gidNumber_collision", line 111, in <module>
    test_results = [consecutive_user_creation()]
  File "29_user_uidNumber_and_group_gidNumber_collision", line 42, in consecutive_user_creation
    id_to_collide_with = get_max_id()
  File "29_user_uidNumber_and_group_gidNumber_collision", line 33, in get_max_id
    highest_uid = max(int(user['uidNumber']) for user in users)
  File "29_user_uidNumber_and_group_gidNumber_collision", line 33, in <genexpr>
    highest_uid = max(int(user['uidNumber']) for user in users)
ValueError: invalid literal for int() with base 10: ''

Comment 6 Eduard Mai

2015-10-22 15:01:28 CEST

Fixed the test for user objects without a uidNumber attribute.

UCS4.0-3:
r64747 fixed 29_user_uidNumber_and_group_gidNumber_collision
Package: ucs-test
Version: 5.0.173-4.1286.201510221455

UCS4.1-0
r64752 fixed 29_user_uidNumber_and_group_gidNumber_collision
Package: ucs-test
Version: 6.0.10-12.1285.201510221453

Comment 7 Daniel Tröder

2015-10-22 15:14:54 CEST

Please also test explicit creation with directory/manager/uid_gid/uniqueness=no.

Comment 8 Eduard Mai

2015-10-26 16:40:35 CET

Extended the test as proposed.

UCS4.0-3:
r64854: extended 29_user_uidNumber_and_group_gidNumber_collision in ucs-test-user to test the directory/manager/uid_gid/uniqueness UCR variable. Code cleanup.
Package: ucs-test
Version: 5.0.173-5.1292.201510261629

UCS4.1-0:
r64855: Merge
Package: ucs-test
Version: 6.0.10-17.1293.201510261634

Comment 9 Alexander Kläser

2016-02-04 12:26:54 CET

Test looks good!
VERIFIED