Bug 1079098

Summary: Simultaneous adding a user and binding as the user could fail in the password policy check
Product: Red Hat Enterprise Linux 6 Reporter: Noriko Hosoi <nhosoi>
Component: 389-ds-baseAssignee: Noriko Hosoi <nhosoi>
Status: CLOSED ERRATA QA Contact: Sankar Ramalingam <sramling>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.4CC: amsharma, jgalipea, kbanerje, nhosoi, nkinder, rmeggins
Target Milestone: rcKeywords: Regression
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 389-ds-base-1.2.11.15-44.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-14 07:53:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Noriko Hosoi 2014-03-21 01:29:56 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/389/ticket/47748

Simultaneous adding a user and binding as the user could fail in the password policy check since the bind_target_entry is not created at the timing when it is retrieved.
Comment 3 Amita Sharma 2014-08-20 07:51:05 UTC 
Is it the same user, in comment#0 adding a user and binding as the user ?
Please help.
Comment 4 Noriko Hosoi 2014-08-20 18:50:02 UTC 
(In reply to Amita Sharma from comment #3)
> Is it the same user, in comment#0 adding a user and binding as the user ?
> Please help.

I think the answer is yes.

Please take a look at the reproducer.
In each loop, Directory Manager adds a test user in the background manner.
At the same time, it calls search which bind user is the one just added.
We repeat it until it was successful or up to 40 times and go to next.
(Usually, the user add is completed and the ldapsearch returns success by the time for me.  If it's not for you, you could increase 40 to higher number.)

Since it's a race condition, I repeat 10000 times to make sure we don't miss the timing.
Comment 5 Amita Sharma 2014-08-25 07:24:58 UTC 
Thanks for the details Noriko, I did not get any crash after running script although I have changed the number to 80 in script.

Marking bug as VERIFIED.
Comment 6 Noriko Hosoi 2014-09-09 19:23:56 UTC 
This bug fix introduced a new bug (see also https://bugzilla.redhat.com/show_bug.cgi?id=1139637),
Comment 7 Noriko Hosoi 2014-09-09 19:25:18 UTC 
*** Bug 1139637 has been marked as a duplicate of this bug. ***
Comment 10 Sankar Ramalingam 2014-09-10 10:35:54 UTC 
Hi Amita, can you verify this bug with the latest build of 389-ds-base-1.2.11.15-44? You also need to run the test case given in Bug #1139637.
Comment 11 Amita Sharma 2014-09-10 12:25:56 UTC 
Tested with ::
[root@dhcp201-149 export]# rpm -qa | grep 389-ds-base
389-ds-base-debuginfo-1.2.11.15-44.el6.x86_64
389-ds-base-1.2.11.15-44.el6.x86_64
389-ds-base-libs-1.2.11.15-44.el6.x86_64

Executed https://bugzilla.redhat.com/show_bug.cgi?id=1139637 steps too.

Marking as VERIFIED.
Comment 12 Sankar Ramalingam 2014-09-11 18:02:19 UTC 
Changing the status to Verified as per comment #11
Comment 13 errata-xmlrpc 2014-10-14 07:53:37 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1385.html