Bug 1570033

Summary: Errors log full of " WARN - keys2idl - recieved NULL idl from index_read_ext_allids, treating as empty set" messages
Product: Red Hat Enterprise Linux 7 Reporter: Ming Davies <minyu>
Component: 389-ds-baseAssignee: mreynolds
Status: CLOSED ERRATA QA Contact: RHDS QE <ds-qe-bugs>
Severity: unspecified Docs Contact: Marc Muehlfeld <mmuehlfe>
Priority: unspecified    
Version: 7.5CC: gparente, mreynolds, nkinder, pasik, rmeggins, tmihinto, winstan
Target Milestone: pre-dev-freeze   
Target Release: 7.6   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 389-ds-base-1.3.8.4-1.el7 Doc Type: Bug Fix
Doc Text:
Directory Server no longer logs a warning when searching a non-existent DN in "entrydn" attributes Previously, searches for a non-existent distinguished name (DN) set in the "entrydn" attribute caused Directory Server to log a warning in the error log. With this update, the server correctly handles situations when an "entrydn" attribute fails to find a match. As a result, the server no longer logs a misleading warning.
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-10-30 10:13:48 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ming Davies 2018-04-20 13:17:44 UTC
Description of problem:
After updating 389-ds-base in RHDS10 from 1.3.6.1-28 to 1.3.7.5-19, the errors log is flooded with:

[13/Apr/2018:15:23:18.446577844 +0200] - WARN - keys2idl - recieved NULL idl from index_read_ext_allids, treating as empty set
[13/Apr/2018:15:23:18.447111033 +0200] - WARN - keys2idl - this is probably a bug that should be reported
[13/Apr/2018:15:23:18.449436104 +0200] - WARN - keys2idl - recieved NULL idl from index_read_ext_allids, treating as empty set
[13/Apr/2018:15:23:18.450191611 +0200] - WARN - keys2idl - this is probably a bug that should be reported

The message appears every time if the search filter is based on the attribute entrydn, and with a dn that does not exist.

Version-Release number of selected component (if applicable):
389-ds-base-1.3.7.5-19.el7_5.x86_64

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 3 mreynolds 2018-05-25 13:37:54 UTC
Upstream ticket:
https://pagure.io/389-ds-base/issue/49722

Comment 5 Viktor Ashirov 2018-07-23 15:17:13 UTC
Build tested: 389-ds-base-1.3.8.4-7.el7.x86_64


On affected version (389-ds-base-1.3.7.5-18.el7.x86_64)
[root@server ~]# ldapsearch -x -b dc=example,dc=com '(entrydn=cn=doesntexist,dc=example,dc=com)'
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope subtree
# filter: (entrydn=cn=doesntexist,dc=example,dc=com)
# requesting: ALL
#

# search result
search: 2
result: 0 Success

# numResponses: 1

[root@server ~]# tail -n2 /var/log/dirsrv/slapd-server/errors
[23/Jul/2018:11:12:41.920462525 -0400] - WARN - keys2idl - recieved NULL idl from index_read_ext_allids, treating as empty set
[23/Jul/2018:11:12:41.921787344 -0400] - WARN - keys2idl - this is probably a bug that should be reported


On fixed version:
[root@server ~]# ldapsearch -x -b dc=example,dc=com '(entrydn=cn=doesntexist,dc=example,dc=com)'
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope subtree
# filter: (entrydn=cn=doesntexist,dc=example,dc=com)
# requesting: ALL
#

# search result
search: 2
result: 0 Success

# numResponses: 1
[root@server ~]# grep -c 'this is probably a bug that should be reported' /var/log/dirsrv/slapd-server/errors
0

Message is no longer logged. Marking as VERIFIED.

Comment 9 errata-xmlrpc 2018-10-30 10:13:48 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:3127