Bug 38455 - Prevent umc reload popup during system-setup
Prevent umc reload popup during system-setup
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: System setup
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.0-1-errata
Assigned To: Alexander Kläser
Alexander Kramer
:
Depends on:
Blocks: 38562
  Show dependency treegraph
 
Reported: 2015-05-06 14:33 CEST by Erik Damrose
Modified: 2015-05-19 12:57 CEST (History)
4 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
best: Patch_Available+


Attachments
Reload dialog (76.90 KB, image/png)
2015-05-06 14:33 CEST, Erik Damrose
Details
setup.log (276.40 KB, text/plain)
2015-05-06 14:34 CEST, Erik Damrose
Details
apache2 access.log (257.80 KB, text/plain)
2015-05-06 16:02 CEST, Erik Damrose
Details
apache2 error log (9.10 KB, text/plain)
2015-05-06 16:34 CEST, Erik Damrose
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Erik Damrose univentionstaff 2015-05-06 14:33:50 CEST
Created attachment 6874 [details]
Reload dialog

I somehow managed to get the 'UMC reload required' popup during a system-setup run. If 'Reload' would have been clicked, the setup would have failed. This popup should never be shown to the user while configuring a UCS system

From apache log:
127.0.0.1 - - [06/May/2015:08:03:28 -0400] "HEAD /univention-management-console/js_$20150505055138$/umc/ HTTP/1.1" 404 267 "http://localhost/univention-management-console/?username=__systemsetup__&password=pZXoiyQFYto4QetZM00c19FY3Kx9zA&module=setup&flavor=wizard&overview=false&lang=en_US" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
Comment 1 Erik Damrose univentionstaff 2015-05-06 14:34:10 CEST
Created attachment 6875 [details]
setup.log
Comment 2 Florian Best univentionstaff 2015-05-06 15:00:42 CEST
Patch is this line in buildRendering of ApplianceWizard.js umc.tools.checkReloadRequired = function() {}
Comment 3 Erik Damrose univentionstaff 2015-05-06 16:02:18 CEST
Created attachment 6879 [details]
apache2 access.log
Comment 4 Erik Damrose univentionstaff 2015-05-06 16:34:48 CEST
Created attachment 6880 [details]
apache2 error log
Comment 5 Alexander Kläser univentionstaff 2015-05-06 17:25:43 CEST
This seems to happen during the time adjustment... here the output of the acccess.log sorted by time stamp and listing time, HTTP status code, requested path:
-------------------- 8< --------------------
> [...]
> 05/May/2015:06:00:39 -0400      200     /umcp/command/setup/ping
> 05/May/2015:06:00:43 -0400      200     /umcp/command/setup/finished?request.preventCache=1430820043717
> 05/May/2015:06:00:44 -0400      200     /umcp/command/setup/finished?request.preventCache=1430820044051
> 05/May/2015:06:00:48 -0400      200     /umcp/command/setup/finished?request.preventCache=1430820048650
> 05/May/2015:06:00:51 -0400      200     /umcp/command/setup/finished?request.preventCache=1430820051957
> 05/May/2015:06:00:59 -0400      200     /umcp/command/setup/finished?request.preventCache=1430820059353
> 05/May/2015:06:01:06 -0400      200     /umcp/command/setup/finished?request.preventCache=1430820066354
> 05/May/2015:06:01:06 -0400      200     /umcp/command/setup/finished?request.preventCache=1430820066751
> 06/May/2015:08:03:28 -0400      200     /umcp/command/setup/finished?request.preventCache=1430820067554
> 06/May/2015:08:03:28 -0400      502     /umcp/auth?request.preventCache=1430913808183
> 06/May/2015:08:03:30 -0400      200     /umcp/command/setup/ping
> 06/May/2015:08:03:38 -0400      200     /umcp/command/setup/finished?request.preventCache=1430913818600
> [...]
-------------------- 8< --------------------

The auth request correlates with the execution of 40_ssl/10ssl:
-------------------- 8< --------------------
[...]
=== 30_net/18proxy (2015-05-05 06:01:07) ===
=== 35_timezone/10timezone (2015-05-05 06:01:07) ===
=== 40_ssl/10ssl (2015-05-05 12:01:07) ===
=== 50_software/10software (2015-05-06 14:03:38) ===
=== domain-join (2015-05-06 14:03:38) ===
[...]
-------------------- 8< --------------------

On the JS side, I could not spot a 401 error which would cause an automatic login. Therefore, I would assume that the time shift outdated the JS side session counter, causing an automatic login which failed (due to renewed SSL certificates).

Thus a call to tools.checkSession(false) should do the trick :) .
Comment 6 Alexander Kläser univentionstaff 2015-05-06 17:54:29 CEST
Did I forget do mention that the login will trigger a check whether a reload is required? Well, it does :) .

QA: Watch out for Bug 37565 (i.e., use errata >= 90) which will prevent you from trying to reproduce the original erroneous behaviour.
Comment 7 Alexander Kläser univentionstaff 2015-05-06 18:20:18 CEST
Fixed.

2015-05-05-univention-system-setup.yaml:
r60490 | Bug #38455: added YAML entry

univention-system-setup (8.1.66-42):
r60489 | Bug #38455: disalbe checks for session validity during the join process


QA: The best way to reproduce is to use a system with errata level >= 90 and a VM in the past. Before the join process is started, make sure to execute the following commands:
  source /usr/share/univention-lib/umc.sh
  umc_frontend_new_hash
This will trigger a reload dialogue during the above mentioned auth request.
Comment 8 Alexander Kramer univentionstaff 2015-05-07 13:37:48 CEST
> QA: The best way to reproduce is to use a system with errata level >= 90 and
> a VM in the past. Before the join process is started, make sure to execute
> the following commands:
>   source /usr/share/univention-lib/umc.sh
>   umc_frontend_new_hash
> This will trigger a reload dialogue during the above mentioned auth request.

As discussed I wasn't able to reproduce it, but I checked:
a) if checkSession is disabled during ucs configuration / join process - OK,
b) checkSession ist activated again after ucs configuration - OK and
c) if the ucs configuration still works - OK

OK - yaml
OK - debian/changelog
Comment 9 Janek Walkenhorst univentionstaff 2015-05-07 17:43:26 CEST
<http://errata.univention.de/ucs/4.0/190.html>