Univention Bugzilla – Bug 49594
Regression in determining default container for udm objects
Last modified: 2019-08-29 12:23:55 CEST
A regression in UCS 4.4 can be found with the determination of the default container for some udm object types, at least nagios/service objects are affected. To reproduce: In 4.3 (tested with UCS: 4.3-2 errata229) one can create e.g. a new nagios service via UMC udm module. The object is created in cn=nagios,$ldap_base. In 4.4 (4.4-0 errata137) the nagios service object will be created at the ldap base. This is at least unexpected for admins. Additionally, the ldap base get cluttered, because some objects can not be moved by udm. It may be an issue if some services expect their objects to be in or below a certain container. It may also affect replication and ACLs.
The reason is that the combobox for the container changed, so that it depends on the widget for the object-type. Therefore prior a request for getting the initial value of the "container" widget was done with the "nagios/nagios" flavor/object-type. Now, it used the selected object type (nagios/service). And nagios/service doesn't define default_containers = ['cn=nagios'], so the objects are created at the ldap base. From our own UDM handlers, only nagios objects are affected. A patch is: diff --git a/management/univention-directory-manager-modules/modules/univention/admin/handlers/nagios/service.py b/management/univention-directory-manager-modules/modules/univention/admin/handlers/nagios/service.py index 837a654c7e..4293a0638f 100644 --- a/management/univention-directory-manager-modules/modules/univention/admin/handlers/nagios/service.py +++ b/management/univention-directory-manager-modules/modules/univention/admin/handlers/nagios/service.py @@ -47,6 +47,7 @@ translation = univention.admin.localization.translation('univention.admin.handle _ = translation.translate module = 'nagios/service' +default_containers = ['cn=nagios'] childs = 0 short_description = _('Nagios service') diff --git a/management/univention-directory-manager-modules/modules/univention/admin/handlers/nagios/timeperiod.py b/management/univention-directory-manager-modules/modules/univention/admin/handlers/nagios/timeperiod.py index 21b81625a0..d7488b5eb6 100644 --- a/management/univention-directory-manager-modules/modules/univention/admin/handlers/nagios/timeperiod.py +++ b/management/univention-directory-manager-modules/modules/univention/admin/handlers/nagios/timeperiod.py @@ -45,6 +45,7 @@ translation = univention.admin.localization.translation('univention.admin.handle _ = translation.translate module = 'nagios/timeperiod' +default_containers = ['cn=nagios'] childs = 0 short_description = _('Nagios time period')
This also happens with objects created in the "OX E-Mail" (but not the "OX Ressourcen") UMC module.
(In reply to Timo Denissen from comment #2) > This also happens with objects created in the "OX E-Mail" (but not the "OX > Ressourcen") UMC module. Yes, same for them: Missing definition of default_containers in the module definition.
https://help.univention.com/t/nagios-container/12514
Please add a warning to UDM (appearing in logfiles and on the "udm" cmdline) when an object is created at the LDAP base, and that was not explicitly requested. Reason: this is almost always an undesired result for the customer, which can be easily fixed by the creators of the UDM module.
(In reply to Daniel Tröder from comment #5) > Please add a warning to UDM (appearing in logfiles and on the "udm" cmdline) > when an object is created at the LDAP base, and that was not explicitly > requested. > > Reason: this is almost always an undesired result for the customer, which > can be easily fixed by the creators of the UDM module. The warning exists already: # udm users/user create --set username=foob --set lastname=bar --set password=univention WARNING: The object is not going to be created underneath of its default containers. Object created: uid=foob,l=school,l=dev
(In reply to Florian Best from comment #6) > The warning exists already: > > # udm users/user create --set username=foob --set lastname=bar --set > password=univention > WARNING: The object is not going to be created underneath of its default > containers. > Object created: uid=foob,l=school,l=dev Will this warning also appear, if there is no default container configured for the module?
(In reply to Daniel Tröder from comment #7) > (In reply to Florian Best from comment #6) > > The warning exists already: > > > > # udm users/user create --set username=foob --set lastname=bar --set > > password=univention > > WARNING: The object is not going to be created underneath of its default > > containers. > > Object created: uid=foob,l=school,l=dev > > Will this warning also appear, if there is no default container configured > for the module? No... Otherwise it would be displayed for container/* as well, etc.
Patch applied: univention-directory-manager-modules (14.0.13-1) a20f76d88717 | Bug #49594: nagios objects are created again in their default containers univention-directory-manager-modules.yaml a20f76d88717 | Bug #49594: nagios objects are created again in their default containers
OK: nagios objects are created in default container OK: yaml (591927e79e Bug #49594: yaml) -> verified
Caused by Bug #46919.
<http://errata.software-univention.de/ucs/4.4/205.html>