Bug 47551

Summary: Block UCS 4.2 update to 4.3 with ox app installed due to schema registration
Product: UCS Reporter: Erik Damrose <damrose>
Component: Update - Release updatesAssignee: Erik Damrose <damrose>
Status: CLOSED FIXED QA Contact: Sönke Schwardt-Krummrich <schwardt>
Severity: normal    
Priority: P5 CC: troeder
Version: UCS 4.3   
Target Milestone: UCS 4.3-1-errata   
Hardware: Other   
OS: Linux   
See Also: https://forge.univention.org/bugzilla/show_bug.cgi?id=47549
What kind of report is it?: Development Internal What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:
Bug Depends on:    
Bug Blocks: 47581    

Description Erik Damrose univentionstaff 2018-08-09 12:25:31 CEST 
Adapt the 4.3-0 preup.sh on *all* UCS systems and block the update to 4.3, when


The OX app is installed locally *AND*
( 
  the OX schema is not present in LDAP 
  *OR* 
  the schema file "oxforucs.schema" is not marked as ACTIVE in local LDAP
)


If that is the case, show a helptext that links to an sdb article with hints on how to proceed. There will be an erratum which enabled the ldap schema registration for the ox app, so one fix is to update the ucs master to that erratalevel.
Comment 1 Sönke Schwardt-Krummrich univentionstaff 2018-08-15 14:48:47 CEST 
New problem: 
the LDAP schema is always marked ACTIVE but not used.

It looks like we have to check the UCR variable ox/master/42/registered_ldap_acls on the DC master. Unless it's set to "yes", we have to stop the update.
Comment 2 Sönke Schwardt-Krummrich univentionstaff 2018-08-15 14:50:00 CEST 
New logic:

The OX app is installed locally *AND*
( 
  the OX schema is not present in LDAP 
  *OR* 
  on DC master is UCR variable ox/master/42/registered_ldap_acls != "yes"
)
Comment 3 Erik Damrose univentionstaff 2018-08-15 17:45:45 CEST 
df10f74 Adapt preup for OX

test if the app is installed by checking for the default package. Only then checks for the UCRv and ldap schema is run. The check for the UCRv is logging into the master via ssh regardless the server role.
The output of both checks is dumped to updater.log for debugging

The sdb article should be filled with information how to fix the issue: https://help.univention.com/t/9440

Set UCRv update43/ignore_ox_schema_issue to true to avoid the preup abort.
Comment 4 Daniel Tröder univentionstaff 2018-08-17 15:26:22 CEST 
The blocking has worked in my tests.
Comment 5 Sönke Schwardt-Krummrich univentionstaff 2018-08-17 17:53:42 CEST 
Found some logic bugs → REOPEN
Comment 6 Erik Damrose univentionstaff 2018-08-17 21:37:26 CEST 
Thanks Sönke for the suggestions. I applied them and pushed the preup to the test servers.

a293f51b Adapt 4.3-0 preup for OX
Comment 7 Erik Damrose univentionstaff 2018-08-21 11:21:53 CEST 
As discussed, i pushed the preup to the public repository server http://updates.software-univention.de/4.3/maintained/4.3-0/all/
Comment 8 Sönke Schwardt-Krummrich univentionstaff 2018-08-21 13:10:43 CEST 
OK: code change
OK: manual test
OK: signature