Univention Bugzilla – Full Text Bug Listing |
Summary: | Surprising line in slapd.conf: memberof-dn cn=admin,dc=univention,dc=unconfigured | ||
---|---|---|---|
Product: | UCS | Reporter: | Arvid Requate <requate> |
Component: | LDAP | Assignee: | Philipp Hahn <hahn> |
Status: | CLOSED FIXED | QA Contact: | Florian Best <best> |
Severity: | normal | ||
Priority: | P5 | CC: | best, damrose, hahn |
Version: | UCS 4.3 | Flags: | hahn:
Patch_Available+
|
Target Milestone: | UCS 4.4-4-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 1: Cosmetic issue or missing function but workaround exists |
Who will be affected by this bug?: | 3: Will affect average number of installed domains | How will those affected feel about the bug?: | 1: Nuisance – not a big deal but noticeable |
User Pain: | 0.017 | Enterprise Customer affected?: | |
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | Cleanup | |
Max CVSS v3 score: |
Description
Arvid Requate
2018-08-23 15:39:39 CEST
debian/univention-ldap-overlay-memberof.postinst uses ucr set ldap/overlay/memberof/modifiersname?"cn=admin,$ldap_base" If the module is installed too early when "ldap/base" is not yet provisioned, that UCR is set too early and is not updated later on when the LDAP base is finally known. The UCRV must only be set by the join script, not in the postinst. Better: do not set the UCRV at alll (and apply Bug #38938 instead) I have a patch for this while working on the Python3 migration, which als adds many missing UCRV. The erratum does not fix broken lines, new new installations will not have it - UCR variables will no longer be set to their default values. [4.4-4] 65a57eb5ae Bug #47641 memberOf: Convert to Python 3 et al. [4.4-4] 5458deebfd Bug #51096 memberof: Convert to Python 3 .../univention-update-memberof | 49 ++++++++++++++-------- 1 file changed, 32 insertions(+), 17 deletions(-) [4.4-4] 462c666af8 Bug #51096 memberof: Fix shell issues in postinst .../debian/univention-ldap-overlay-memberof.postinst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) [4.4-4] ee08824415 Bug #51096 memberof: Remove .popstinst .../univention-ldap-overlay-memberof.preinst | 35 ---------------------- 1 file changed, 35 deletions(-) [4.4-4] 67e63459ea Bug #51096 memberof: Remove debian/*.dirs .../debian/univention-ldap-overlay-memberof.dirs | 1 - .../debian/univention-ldap-overlay-memberof.install | 1 - 2 files changed, 2 deletions(-) [4.4-4] 3c9642c184 Bug #51096 memberof: Remove dh_fixperms management/univention-ldap-overlay-memberof/debian/rules | 4 ---- 1 file changed, 4 deletions(-) [4.4-4] f3f908a9fd Bug #51096 memberof: Document UCR variables ...n-ldap-overlay-memberof.univention-config-registry | 8 ++------ ...rlay-memberof.univention-config-registry-variables | 19 +++++++++++++++++++ 2 files changed, 21 insertions(+), 6 deletions(-) [4.4-4] 94d45ca2e1 Bug #47641 memberof: Do not set UCRV before join doc/errata/staging/univention-ldap-overlay-memberof.yaml | 7 ++++--- .../debian/univention-ldap-overlay-memberof.postinst | 10 +--------- ...-ldap-overlay-memberof.univention-config-registry-variables | 5 +++++ 3 files changed, 10 insertions(+), 12 deletions(-) [4.4-4] 6b9834f867 Bug #51096 memberof: make UCR templates compatible to python3 .../etc/ldap/slapd.conf.d/41univention-ldap-overlay-memberof | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) Package: univention-ldap-overlay-memberof Version: 11.0.0-3A~4.4.0.202004171316 Branch: ucs_4.4-0 Scope: errata4.4-4 [4.4-4] 8d60de2fe6 Bug #51096: univention-ldap-overlay-memberof 11.0.0-3A~4.4.0.202004171316 doc/errata/staging/univention-ldap-overlay-memberof.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) QA: apt install -t apt univention-ldap-overlay-memberof OK: python2 /usr/share/univention-ldap-overlay-memberof/univention-update-memberof OK: python3 /usr/share/univention-ldap-overlay-memberof/univention-update-memberof # after fixing univention.uldap.access.__encode_pwd (In reply to Philipp Hahn from comment #3) > The erratum does not fix broken lines, new new installations will not have > it - UCR variables will no longer be set to their default values. PS: Not setting the UCRVs makes no difference when comparing the evaluated template except "memberof-dn" which now is no longer set. This is okay: Quoting <man:slapo-memberof(5)>: > memberof-dn: … It defaults to the rootdn of the underlying database. QA: /usr/share/univention-ldap-overlay-memberof/univention-update-memberof Reopen: The YAML file did NOT contain the bug number, only a text entry. I will reopen this bug so everything can be double-checked before releasing this. (In reply to Erik Damrose from comment #5) > Reopen: The YAML file did NOT contain the bug number, only a text entry. I > will reopen this bug so everything can be double-checked before releasing > this. Thanks, everything is correct now. OK: variables aren't set in postinst - not set anywhere at all now. OK: default values OK: missing 'ldap/overlay/memberof/modifiersname' causes same behavior OK: YAML |