Bug 1807971

Summary: dsctl healthcheck fails at checking replica when conflict entries are present
Product: Red Hat Enterprise Linux 8 Reporter: sgouvern
Component: 389-ds-baseAssignee: mreynolds
Status: CLOSED ERRATA QA Contact: RHDS QE <ds-qe-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.2CC: bsmejkal, lkrispen, lmiksik, mreynolds, pasik, spichugi, tbordaz, vashirov
Target Milestone: rcFlags: pm-rhel: mirror+
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 389-ds-1.4-8020020200306194836.bf00efc9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-04-28 16:01:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description sgouvern 2020-02-27 15:19:07 UTC 
Description of problem:
dsctl fails with : ERROR: Error: replace() argument 2 must be str, not int


Version-Release number of selected component (if applicable):
389-ds-base-1.4.2.4-7.module+el8.2.0+5670+0b8b1c2e.x86_64

How reproducible:
run healthcheck on a replicated instance with conflict entries

Steps to Reproduce:
1. setup a topology with conflict entries, running :
# DEBUGGING=True py.test -v ds/dirsrvtests/tests/suites/replication/conflict_resolve_test.py::TestTwoMasters::test_add_modrdn 
2. start instances
3. run # dsctl master1 healthcheck
Enter Bind DN: cn=directory manager
Enter password for cn=directory manager on master1: 

Actual results:
Beginning lint report, this could take a while ...
Checking Backends ...
Checking Config ...
Checking Encryption ...
Checking FSChecks ...
Checking ReferentialIntegrityPlugin ...
Checking MonitorDiskSpace ...
Checking Replica ...
Error: replace() argument 2 must be str, not int

with verbose mode :
...
DEBUG: list filter = (&(objectclass=nsds5Replica))
DEBUG: cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config getVal('nsDS5ReplicaRoot')
DEBUG: list filter = (&(objectclass=ldapsubentry)(nsds5replconflict=*))
DEBUG: replace() argument 2 must be str, not int
Traceback (most recent call last):
  File "/usr/sbin/dsctl", line 132, in <module>
    result = args.func(inst, log, args)
  File "/usr/lib/python3.6/site-packages/lib389/cli_ctl/health.py", line 88, in health_check_run
    result = lo_inst.lint()
  File "/usr/lib/python3.6/site-packages/lib389/_mapped_object.py", line 981, in lint
    for result in fn():
  File "/usr/lib/python3.6/site-packages/lib389/replica.py", line 1172, in _lint_conflicts
    report['detail'] = report['detail'].replace('COUNT', len(conflicts))
TypeError: replace() argument 2 must be str, not int
ERROR: Error: replace() argument 2 must be str, not int



Expected results:
dsctl healthcheck reports conflict entries issue

Additional info:
This error is not seen with build 389-ds-base-1.4.2.8-2.module+el8dsrv+5809+6657a82a.x86_64
Comment 1 mreynolds 2020-02-27 15:28:49 UTC 
This was already fixed upstream, but not sure in what ticket...
Comment 2 mreynolds 2020-02-27 15:33:42 UTC 
This was fixed in:  https://pagure.io/389-ds-base/issue/50780

https://pagure.io/389-ds-base/c/e6c6c4a57
Comment 9 sgouvern 2020-03-13 13:25:34 UTC 
With build 389-ds-base-1.4.2.4-8.module+el8.2.0+5959+cfcaedbd.x86_64

Steps executed:
1. setup a topology with conflict entries, running :
# DEBUGGING=True py.test -v ds/dirsrvtests/tests/suites/replication/conflict_resolve_test.py::TestTwoMasters::test_add_modrdn 
2. start instances
3. run # dsctl master1 healthcheck
Enter Bind DN: cn=directory manager
Enter password for cn=directory manager on master1: 
Beginning lint report, this could take a while ...
Checking Backends ...
Checking Config ...
Checking Encryption ...
Checking FSChecks ...
Checking ReferentialIntegrityPlugin ...
Checking MonitorDiskSpace ...
Checking Replica ...
Checking Changelog5 ...
Checking NssSsl ...
Healthcheck complete.
2 Issues found!  Generating report ...


[1] DS Lint Error: DSREPLLE0002
--------------------------------------------------------------------------------
Severity: LOW 
Affects:
 -- Replication
 -- Conflict Entries

Details:
-----------
There were 4 conflict entries found under the replication suffix "dc=example,dc=com".

Resolution:
-----------
While conflict entries are expected to occur in an MMR environment, they
should be resolved.  In regards to conflict entries there is always the original/counterpart
entry that has a normal DN, and then the conflict version of that entry.  Technically both
entries are valid, you as the administrator, needs to decide which entry you want to keep.
First examine/compare both entries to determine which one you want to keep or remove.  You
can use the CLI tool "dsconf" to resolve the conflict.  Here is an example:

    List the conflict entries:

        # dsconf slapd-master1  repl-conflict list dc=example,dc=com

    Examine conflict entry and its counterpart entry:

        # dsconf slapd-master1  repl-conflict compare <DN of conflict entry>

    Remove conflict entry and keep only the original/counterpart entry:

        # dsconf slapd-master1  repl-conflict remove <DN of conflict entry>

    Replace the original/counterpart entry with the conflict entry:

        # dsconf slapd-master1  repl-conflict swap <DN of conflict entry>



[2] DS Lint Error: DSCLLE0001
--------------------------------------------------------------------------------
Severity: LOW 
Affects:
 -- Replication
 -- Changelog

Details:
-----------
The replication changelog does have any kind of trimming configured.  This will
lead to the changelog size growing indefinitely.

Resolution:
-----------
Configure changelog trimming, preferably by setting the maximum age of a changelog
record.  Here is an example:

    # dsconf slapd-master1 replication set-changelog --max-age 30d


===== End Of Report (2 Issues found) =====


No more 'Error: replace() argument 2 must be str, not int' -> marking as verified
Comment 11 errata-xmlrpc 2020-04-28 16:01:40 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:1703