Univention Bugzilla – Bug 38584
Attach default DHCP policies to default subnet instead of LDAP base
Last modified: 2015-08-06 17:53:15 CEST
We have many support requests because of the fact that the default DHCP policies (DHCP Routing and DHCP DNS) are attached to the LDAP base rather than the default (matching) DHCP subnet. If one creates a new DHCP subnet with new DNS and routing policies attached, those don't have any effect because of the values inherited from default-settings policies. Please also see Bug 37614.
r61862 | Bug #38584,Bug #37614,Bug #38822: DHCP policies

Move DHCP policy reference from base.ldif to univention-dhcp join script

The following logic is implemented:
1. Check that the policy (still) exists using direct ldapsearch (Bug #38822)
2. Otherwise the following "udm --policy-reference" will fail (Bug #38856)
3. The policies are only linked on the first creation of a DHCP (Shared)Sub-Net (Bug #37614)

Package: univention-ldap
Version: 11.0.12-9.753.201507081110
Branch: ucs_4.0-0
Scope: errata4.0-2

Package: univention-dhcp
Version: 9.0.0-3.521.201507081110
Branch: ucs_4.0-0
Scope: errata4.0-2

r61863 | Bug #38584,Bug #37614,Bug #38822: DHCP policies YAML

2015-07-06-univention-ldap.yaml
2015-07-09-univention-dhcp.yaml
01_base.09services_other_running.test has been failing for 7 days:

> # /usr/sbin/dhcpd -f -d ; echo $?
> LDAP line 4: expecting a parameter or declaration
> option domain-name-servers 10.210.227.79;
> ^
> LDAP: cannot parse dhcpService entry 'cn=AutoTest091.local,cn=dhcp,dc=AutoTest091,dc=local'
> Configuration file errors encountered -- exiting
> 1
> # cat /var/log/dhcp-ldap-startup.log
> subnet 10.210.0.0 netmask 255.255.0.0 {
> option routers 10.210.0.1;
> option domain-name "AutoTest091.local";
> option domain-name-servers 10.210.227.79;
> }

It looks like the dynamically generated config is now invalid, since the top-level "option"s for the service are no longer generated.
r14953 | Bug #38584 DHCP: Fix comment parsing

server/ldap.c:ldap_read_function() strips the last '\n' from the input. In case of a comment, common/conflex.c:skip_to_eol() consumes all characters of the comment, before server/ldap.c:ldap_read_function() is called again to generate the next line. This happened to be an "option" line generated by one of the UCS policies, which was then ignored.

With the policies no longer being referenced by the LDAP root, the first line now becomes a "subnet" or "shared-subnet" block, which is ignored because of the leading comment. This leads to a parser error, because the opening '{' is then missing:

> # dhcpd -d -f -t
> LDAP line 2: expecting a parameter or declaration
> option routers 10.200.17.1;
> ^
> LDAP line 4: expecting a declaration
> }
> ^
> LDAP: cannot parse dhcpService entry 'cn=phahn.dev,cn=dhcp,dc=phahn,dc=dev'
> Configuration file errors encountered -- exiting

The fix adds a trailing white space to the comment, which is stripped by ldap_read_function() and leaves the new-line for skip_to_eol() to consume.

Package: isc-dhcp
Version: 4.2.2.dfsg.1-5+deb70u6.30.201507161139
Branch: ucs_4.0-0
Scope: errata4.0-2

r62151 | Bug #38584 DHCP: Depend on fixed isc-dhcp-server package

Otherwise daemon refuses to start.

Package: univention-dhcp
Version: 9.0.0-4.522.201507161212
Branch: ucs_4.0-0
Scope: errata4.0-2

r62152 | Bug #38584 DHCP: Depend on fixed isc-dhcp-server package YAML

2015-07-09-univention-dhcp.yaml
2015-07-16-isc-dhcp.yaml

OK: univention-install -y univention-dhcp ; sleep 30 ; pgrep -l dhcpd
OK: dhcpd -d -f -t
Tests: OK Advisory: OK Code review: OK
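
The comment-parsing interaction described in r14953 above, as an added example that is not part of this bug report or of the isc-dhcp source: a simplified C model that assumes the feeder hands the lexer one generated chunk per refill and drops each chunk's last character. The struct, check_config(), get_char() and the sample config are constructed for illustration; skip_to_eol() here only borrows the name used in the commit message.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of the behaviour described in the commit message;
 * an assumption-based sketch, not isc-dhcp source code. */
struct feed {
    const char **chunks; int n, next;   /* generated text, one chunk per refill */
    const char *buf; size_t ix, len;    /* chunk currently being lexed */
};

/* Refill on demand; every chunk loses its last character (the strip). */
static int get_char(struct feed *f) {
    while (f->ix >= f->len) {
        if (f->next >= f->n) return EOF;
        f->buf = f->chunks[f->next++]; f->ix = 0;
        f->len = strlen(f->buf);
        if (f->len > 0) f->len--;
    }
    return (unsigned char)f->buf[f->ix++];
}

/* Comment handling: consume everything up to and including the next '\n'. */
static void skip_to_eol(struct feed *f) {
    int c;
    while ((c = get_char(f)) != EOF && c != '\n')
        ;
}

/* Returns 0 if braces balance, -1 if a '}' appears whose '{' was swallowed. */
static int check_config(const char **chunks, int n) {
    struct feed f = { chunks, n, 0, "", 0, 0 };
    int c, depth = 0;
    while ((c = get_char(&f)) != EOF) {
        if (c == '#') skip_to_eol(&f);
        else if (c == '{') depth++;
        else if (c == '}' && depth-- == 0) return -1;
    }
    return depth == 0 ? 0 : -1;
}

/* Constructed sample input, modelled on the output quoted in the report. */
#define SUBNET "subnet 10.210.0.0 netmask 255.255.0.0 {\noption routers 10.210.0.1;\n}\n"
static const char *broken_cfg[] = { "# constructed comment\n", SUBNET };
static const char *fixed_cfg[]  = { "# constructed comment\n ", SUBNET };

int main(void) {
    printf("broken=%d fixed=%d\n", check_config(broken_cfg, 2), check_config(fixed_cfg, 2));
    return 0;
}
```

In the broken case the comment chunk reaches the lexer without its newline, so the comment skip runs into the next chunk and discards the "subnet ... {" line; with the extra trailing character the newline survives and the block parses.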
<http://errata.univention.de/ucs/4.0/271.html> <http://errata.univention.de/ucs/4.0/272.html>
<http://errata.univention.de/ucs/4.0/270.html>