Bug 42029 – Handler module is not called if an object is moved to a non-readable position

Bug 42029 - Handler module is not called if an object is moved to a non-readable position


Summary:	Handler module is not called if an object is moved to a non-readable position

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Listener (univention-directory-listener)
Version:	UCS 4.1
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.1-3-errata
Assigned To:	Philipp Hahn
QA Contact:	Arvid Requate

URL:
Keywords:

Depends on:
Blocks:	42616 42547
	Show dependency tree / graph

Reported:	2016-08-18 15:53 CEST by Stefan Gohmann
Modified:	2016-10-10 13:29 CEST (History)
CC List:	4 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	7: Crash: Bug causes crash or data loss
Who will be affected by this bug?:	3: Will affect average number of installed domains
How will those affected feel about the bug?:	3: A User would likely not purchase the product
User Pain:	0.360
Enterprise Customer affected?:	Yes
School Customer affected?:	Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:	2016080221000449
Bug group (optional):
Max CVSS v3 score:

Flags:	hahn: Patch_Available+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Gohmann

2016-08-18 15:53:58 CEST

The listener doesn't call a listener module twice if an object is moved to a non-readable position. It works only with the replication module.

From the logs:
------------------------------------------------------------------------------
17.08.16 02:27:31.889  LISTENER    ( INFO    ) : notifier returned = id: 18220803       dn: uid=tester1,cn=schueler,cn=users,ou=305,dc=foo,dc=bar   cmd: r
17.08.16 02:27:31.889  LISTENER    ( INFO    ) : updating 'uid=tester1,cn=schueler,cn=users,ou=305,dc=foo,dc=bar' command r
17.08.16 02:27:31.899  LISTENER    ( INFO    ) : delete handlers for uid=tester1,cn=schueler,cn=users,ou=305,dc=foo,dc=bar
17.08.16 02:27:31.899  LISTENER    ( INFO    ) : replication: Running handler r for: uid=tester1,cn=schueler,cn=users,ou=305,dc=foo,dc=bar
17.08.16 02:27:31.899  LISTENER    ( PROCESS ) : replication: rename phase I: uid=tester1,cn=schueler,cn=users,ou=305,dc=foo,dc=bar (entryUUID=d56aa1e8-ef9c-1035-9045-c19db182a655)
17.08.16 02:27:31.905  LISTENER    ( INFO    ) : handler: replication (successful)
[...]
17.08.16 02:27:31.914  LISTENER    ( INFO    ) : handler: s4-connector (successful)
[...]
17.08.16 02:27:31.915  LISTENER    ( WARN    ) : at least one delete handler failed
17.08.16 02:27:31.975  LISTENER    ( INFO    ) : delete handlers for uid=tester1,cn=schueler,cn=users,ou=305,dc=foo,dc=bar
17.08.16 02:27:31.975  LISTENER    ( INFO    ) : replication: Running handler r for: uid=tester1,cn=schueler,cn=users,ou=305,dc=foo,dc=bar
17.08.16 02:27:31.975  LISTENER    ( INFO    ) : replication: LDAP keys=['uid', 'krb5PrincipalName', 'objectClass', 'univentionMailHomeServer', 'sambaProfilePath', 'entryUUID', 'sambaAcctFlags', 'sambaPasswordHistory', 'entryDN', 'structuralObjectClass', 'krb5MaxLife', '
cn', 'hasSubordinates', 'sambaHomePath', 'gecos', 'userPassword', 'ucsschoolRecordUID', 'krb5Key', 'krb5MaxRenew', 'mail', 'uidNumber', 'departmentNumber', 'loginShell', 'univentionObjectType', 'krb5KDCFlags', 'gidNumber', 'subschemaSubentry', 'entryCSN', 'sambaPwdLastSe
t', 'sambaPrimaryGroupSID', 'sambaNTPassword', 'modifyTimestamp', 'displayName', 'mailPrimaryAddress', 'ucsschoolSchool', 'sambaHomeDrive', 'modifiersName', 'sambaSID', 'createTimestamp', 'krb5KeyVersionNumber', 'sn', 'homeDirectory', 'ucsschoolSourceUID', 'givenName', '
creatorsName']; listener keys=[]
17.08.16 02:27:31.975  LISTENER    ( INFO    ) : replication: old entries from LDAP server and Listener do not match
17.08.16 02:27:31.975  LISTENER    ( PROCESS ) : replication: rename phase I: uid=tester1,cn=schueler,cn=users,ou=305,dc=foo,dc=bar (entryUUID=d56aa1e8-ef9c-1035-9045-c19db182a655)
17.08.16 02:27:31.976  LISTENER    ( INFO    ) : handler: replication (successful)
[...]
17.08.16 02:27:31.976  LISTENER    ( INFO    ) : handler: s4-connector (skipped)
[...]
17.08.16 02:27:31.976  LISTENER    ( INFO    ) : deleted from cache: uid=tester1,cn=schueler,cn=users,ou=305,dc=foo,dc=bar
------------------------------------------------------------------------------

The s4-connector listener module is skipped. Happened at Ticket #2016080221000449

Comment 1 Philipp Hahn

2016-08-18 16:05:25 CEST

1. In the rename-case the old cache is copied in line 725, but change_delete_dn() does a 2nd cache lookup on its own based on the new location, where (must likely) no entry is found.
cache_get_entry_lower_upper() then returns an empty cache entry, for which no handlers are registered.
handlers_delete() then only calls the replication module, as it is hard-coded and will print the "skipped" message for all other handlers.

As we already have fetched the cache entry, call handlers_delete() directly passing the copied cache.


2. The week before Arvid and I debugged a case, were the handlers were called twice when the LDAP search by UUID did not return a result.

Change that to retry the search by DN first and only then do the deletion if both searches returned nothing.


Untested patch: compiles and should fix the bug, but not tested.

diff --git a/branches/ucs-4.1/ucs-4.1-2/management/univention-directory-listener/src/change.c b/branches/ucs-4.1/ucs-4.1-2/management/univention-directory-listener/src/change.c
index ae1c566..e1cbfdc 100644
--- a/branches/ucs-4.1/ucs-4.1-2/management/univention-directory-listener/src/change.c
+++ b/branches/ucs-4.1/ucs-4.1-2/management/univention-directory-listener/src/change.c
@@ -771,12 +771,14 @@ retry_dn:
        }
        ldap_msgfree(res);
        if (delete) {
-               // FIXME: trans->cur.notify.command = 'd' // to overwrite 'r' without 'a'
-               rv = change_delete_dn(trans->cur.notify.id, trans->cur.notify.dn, trans->cur.notify.command);
                if (uuid) {
                        uuid = NULL;
                        goto retry_dn;
                }
+               // FIXME: trans->cur.notify.command = 'd' // to overwrite 'r' without 'a'
+               signals_block();
+               rv = handlers_delete(trans->cur.notify.dn, &trans->cur.cache, trans->cur.notify.command);
+               signals_unblock();
        }
 
 out:

Comment 2 Philipp Hahn

2016-08-22 10:17:42 CEST

r71776 | Bug #42029 Listener: Fix deletion of ACLed entries
r71775 | Bug #42029 Listener: Call handle once for deleted objects
r71774 | Bug #42029 Listener: Fix unit test

Package: univention-directory-listener
Version: 10.0.0-15.327.201608221002
Branch: ucs_4.1-0
Scope: errata4.1-3

r71782 | Bug #42029 Listener: Fix deletion of ACLed entries YAML
 univention-directory-listener.yaml

r71779 | Bug #42029 Listener: Fix deletion of ACLed entries
r71778 | Bug #42029 Listener: Call handle once for deleted objects
r71777 | Bug #42029 Listener: Fix unit test

Comment 3 Arvid Requate

2016-09-05 20:56:17 CEST

Code review: Ok
* r71776 implements point 1 of Comment 1 and r71775 implements point 2.

Patches merged to ucs-4.2-0

Test: Ok

Advisory: Ok, only for errata4.1-3, not for errata4.1-2

Comment 4 Janek Walkenhorst

2016-09-07 18:41:49 CEST

<http://errata.software-univention.de/ucs/4.1/259.html>