Bug 49850

Summary:	ucs-test: group_members_sync_from_ucs(): TypeError: 'NoneType' object has no attribute '__getitem__'
Product:	UCS	Reporter:	Florian Best <best>
Component:	S4 Connector	Assignee:	Florian Best <best>
Status:	CLOSED FIXED	QA Contact:	Arvid Requate <requate>
Severity:	normal
Priority:	P5	CC:	requate
Version:	UCS 4.4	Flags:	best: Patch_Available+
Target Milestone:	UCS 4.4-1-errata
Hardware:	Other
OS:	Linux
See Also:	https://forge.univention.org/bugzilla/show_bug.cgi?id=49478 https://forge.univention.org/bugzilla/show_bug.cgi?id=46971
What kind of report is it?:	Development Internal	What type of bug is this?:	---
Who will be affected by this bug?:	---	How will those affected feel about the bug?:	---
User Pain:		Enterprise Customer affected?:
School Customer affected?:		ISV affected?:
Waiting Support:		Flags outvoted (downgraded) after PO Review:
Ticket number:		Bug group (optional):
Max CVSS v3 score:
Attachments:	connector-s4.log

Description Florian Best

2019-07-15 17:27:55 CEST

Created attachment 10121 [details]
connector-s4.log

11.07.2019 16:07:32.636 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=kasi7mgp8k,cn=groups,DC=autotest091,DC=local
11.07.2019 16:07:32.666 LDAP        (WARNING): sync failed, saved as rejected
	/var/lib/univention-connector/s4/1562854050.160418
11.07.2019 16:07:32.667 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line 910, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/s4/__init__.py", line 2608, in sync_from_ucs
    f(self, property_type, object)
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/s4/__init__.py", line 81, in group_members_sync_from_ucs
    return s4connector.group_members_sync_from_ucs(key, object)
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/s4/__init__.py", line 1677, in group_members_sync_from_ucs
    ldap_object_ucs_gidNumber = ldap_object_ucs['gidNumber'][0]
TypeError: 'NoneType' object has no attribute '__getitem__'

Comment 3 Florian Best

2019-07-19 18:48:50 CEST

caused by git:1005980bc4f51f489300baa5d294592c3d79f3ce / Bug #46971.
Patch is simple:

diff --git a/services/univention-s4-connector/modules/univention/s4connector/s4/__init__.py b/services/univention-s4-connector/modules/univention/s4connector/s4/__init__.py
index b93b07f723..ee8da37a05 100644
--- a/services/univention-s4-connector/modules/univention/s4connector/s4/__init__.py
+++ b/services/univention-s4-connector/modules/univention/s4connector/s4/__init__.py
@@ -1674,12 +1674,12 @@ class s4(univention.s4connector.ucs):
                ud.debug(ud.LDAP, ud.INFO, "group_members_sync_from_ucs: type of object_ucs['dn']: %s" % type(object_ucs_dn))
                ud.debug(ud.LDAP, ud.INFO, "group_members_sync_from_ucs: dn is: %s" % object_ucs_dn)
                ldap_object_ucs = self.get_ucs_ldap_object(object_ucs_dn)
-               ldap_object_ucs_gidNumber = ldap_object_ucs['gidNumber'][0]

                if not ldap_object_ucs:
                        ud.debug(ud.LDAP, ud.PROCESS, 'group_members_sync_from_ucs:: The UCS object (%s) was not found. The object was removed.' % object_ucs_dn)
                        return

+               ldap_object_ucs_gidNumber = ldap_object_ucs['gidNumber'][0]
                ucs_members = set(ldap_object_ucs.get('uniqueMember', []))
                ud.debug(ud.LDAP, ud.INFO, "ucs_members: %s" % ucs_members)
                if ucs_members:

Comment 4 Florian Best

2019-07-19 18:55:17 CEST

Reproduce:

root@master100:~# tail -f /var/log/univention/connector-s4.log &
root@master100:~# udm groups/group create --set name=mytestgroup && udm groups/group remove --dn "cn=mytestgroup,$(ucr get ldap/base)"
WARNING: The object is not going to be created underneath of its default containers.
Object created: cn=mytestgroup,l=school,l=dev
Object removed: cn=mytestgroup,l=school,l=dev
root@master100:~# 15.07.2019 04:31:44.106 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=mytestgroup,DC=school,DC=dev
15.07.2019 04:31:44.310 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1563157903.818612
15.07.2019 04:31:44.310 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line 910, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/s4/__init__.py", line 2608, in sync_from_ucs
    f(self, property_type, object)
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/s4/__init__.py", line 81, in group_members_sync_from_ucs
    return s4connector.group_members_sync_from_ucs(key, object)
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/s4/__init__.py", line 1677, in group_members_sync_from_ucs
    ldap_object_ucs_gidNumber = ldap_object_ucs['gidNumber'][0]
TypeError: 'NoneType' object has no attribute '__getitem__'

Comment 5 Florian Best

2019-08-08 13:00:02 CEST

attachment 10121 [details] (s4connector.log from a ucs-test run) contains this traceback 193 times.

Fixed:

univention-s4-connector (13.0.2-28)
8ca2c92579a7 | Bug #49850: fix error when accesing removed ldap object

univention-s4-connector.yaml
8ca2c92579a7 | Bug #49850: fix error when accesing removed ldap object

Comment 6 Arvid Requate

2019-08-08 22:55:41 CEST

Verified:
* Code review
* Built package
* Advisory

Comment 7 Arvid Requate

2019-08-22 15:30:06 CEST

<http://errata.software-univention.de/ucs/4.4/239.html>