Bug 1097002

Summary: Problem with deletion while replicated
Product: Red Hat Enterprise Linux 6 Reporter: Noriko Hosoi <nhosoi>
Component: 389-ds-baseAssignee: Noriko Hosoi <nhosoi>
Status: CLOSED ERRATA QA Contact: Sankar Ramalingam <sramling>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.4CC: jadelman, jgalipea, nkinder, rmeggins, vashirov
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 389-ds-base-1.2.11.15-34.el6 Doc Type: Bug Fix
Doc Text:
Cause: When deleting a node entry which descendants are all deleted, only the first position was checked. Consequence: The child entry at the first position is usually deleted in the database, but it could be reused for the replaced tombstone entry, which reports false error "has children" and makes the node deletion fail. Fix: Instead of checking the first position, check all the child entries and if they are tombstones or not. If all of them are tombstones, the node is deleted. Result: The false error "has children" is no more reported and a node entry which children are all tombstones is successfully deleted.
 Story Points: ---
Clone Of:
: 1097004 (view as bug list) Environment:
Last Closed: 2014-10-14 07:55:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1097004    
Attachments:
Description Flags
test ldif file none

Description Noriko Hosoi 2014-05-13 00:18:09 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/389/ticket/47764

Bug description: When checking a child entry on a node, it only
checked the first position, which was normally "deleted" if there
were no more children. But in some cases, a tombstoned child was
placed there.  If it occurred, even though there were no live child
any more, _entryrdn_delete_key returned "has children" and the delete
operation failed.
Comment 1 Noriko Hosoi 2014-05-13 00:26:48 UTC 
Created attachment 894938 [details]
test ldif file

Steps to verify:

Set up 2way MMR with the suffix o=a.
Import the attached sample.ldif to a master and initialize the other master.
ldapdelete -h <host> -p <master1_port> ... << EOF
ou=child,o=x,o=a
EOF
<-- this is successful
ldapdelete -h <host> -p <master1_port> ... << EOF
o=x,o=a
EOF
This used to fail and these error messages were logged in the error log.
[..] entryrdn-index - _entryrdn_delete_key: Failed to remove o=x; has children
[..] - database index operation failed BAD 1031, err=-1 Unknown error: -1

If "o=x,o=a" is successfully deleted without any errors, the bug is verified.
Comment 2 Noriko Hosoi 2014-05-13 00:38:00 UTC 
*** Bug 1097001 has been marked as a duplicate of this bug. ***
Comment 4 Viktor Ashirov 2014-07-03 12:49:10 UTC 
I created 2MMR setup using modified script 4MMRSetup.sh.

On slapd-M1: 
$ ldapadd -D 'cn=Directory Manager' -w Secret123  -H ldap://localhost:1189 << EOF
> dn: o=x,dc=example,dc=com
> objectClass: top
> objectClass: organization
> o: x
> 
> dn: ou=child,o=x,dc=example,dc=com
> ou: child
> objectClass: top
> objectClass: organizationalunit
> EOF
adding new entry "o=x,dc=example,dc=com"

adding new entry "ou=child,o=x,dc=example,dc=com"

$ ldapdelete -v -H ldap://localhost:1189 -D "cn=Directory Manager" -w Secret123 ou=child,o=x,dc=example,dc=com
ldap_initialize( ldap://localhost:1189/??base )
deleting entry "ou=child,o=x,dc=example,dc=com"

$ ldapdelete -v -H ldap://localhost:1189 -D "cn=Directory Manager" -w Secret123 o=x,dc=example,dc=com
ldap_initialize( ldap://localhost:1189/??base )
deleting entry "o=x,dc=example,dc=com"

$ rpm -qa | grep 389
389-ds-base-1.2.11.15-38.el6.x86_64
389-ds-base-libs-1.2.11.15-38.el6.x86_64

On old version without a fix it fails: 

$ ldapdelete -v -H ldap://localhost:1189 -D "cn=Directory Manager" -w Secret123 ou=child,o=x,dc=example,dc=com
ldap_initialize( ldap://localhost:1189/??base )
deleting entry "ou=child,o=x,dc=example,dc=com"

$ ldapdelete -v -H ldap://localhost:1189 -D "cn=Directory Manager" -w Secret123 o=x,dc=example,dc=com
ldap_initialize( ldap://localhost:1189/??base )
deleting entry "o=x,dc=example,dc=com"
ldap_delete: Operations error (1)

$ sudo tail -n 2 /var/log/dirsrv/slapd-M1/errors
[03/Jul/2014:13:12:54 +0200] entryrdn-index - _entryrdn_delete_key: Failed to remove o=x; has children
[03/Jul/2014:13:12:54 +0200] - database index operation failed BAD 1031, err=-1 Unknown error: -1

$ rpm -qa | grep 389
389-ds-base-1.2.11.15-32.el6_5.x86_64
389-ds-base-libs-1.2.11.15-32.el6_5.x86_64

Hence marking as verified.
Comment 5 errata-xmlrpc 2014-10-14 07:55:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1385.html