Bug 201540

Summary:	OpenLDAP migration script creates duplicate entries from NIS server
Product:	[Fedora] Fedora	Reporter:	Daniel Qarras <dqarras>
Component:	openldap	Assignee:	Jan Safranek <jsafrane>
Status:	CLOSED CURRENTRELEASE	QA Contact:
Severity:	medium	Docs Contact:
Priority:	medium
Version:	5	CC:	rollercow
Target Milestone:	---
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:	openldap-2.3.34-3	Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2007-10-19 14:22:58 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Daniel Qarras 2006-08-07 08:40:27 UTC

migrate_all_nis_*line.sh creates duplicate entries in some cases because of the
NIS maps used with ypcat in the scripts. This can be fixed by changing the
following:

  ypcat $DOMFLAG hosts ... -> ypcat $DOMFLAG hosts.byaddr ...
  ypcat $DOMFLAG rpc.byname ... -> ypcat $DOMFLAG rpc.bynumber ...

The latter maps give always only one entry. The currently used maps give errors
like the following:

adding new entry "cn=testmachine.intranet,ou=Hosts,dc=intranet"
ldap_add: Already exists (68)

/usr/bin/ldapadd: returned non-zero exit status: saving failed LDIF to
/tmp/nis.ldif.C28465

And this causes the whole migration to fail.


On a related note, be default there is no file /etc/networks in a RHEL/Fedora
installation and no networks map is built on a NIS server so the following line
in the migration script causes a warning when running the script, perhaps it
could be made conditional to prevent the warning:

  ypcat $DOMFLAG networks


Please fix at least the duplicate entry problem.

Comment 1 Daniel Qarras 2006-09-20 20:22:05 UTC

So, what's the status with this?

Comment 2 Daniel Qarras 2007-04-21 13:24:45 UTC

Any news on this one?

Comment 3 Jan Safranek 2007-05-24 09:19:13 UTC

*** Bug 188056 has been marked as a duplicate of this bug. ***

Comment 4 Jan Safranek 2007-05-24 09:36:12 UTC

I am sorry for long time of silence - I'm new maintainer of openldap and I'm
slowly going through the old bugs... This will be fixed soon in rawhide (after
Fedora7 gets out).

Comment 5 Sitsofe Wheeler 2007-05-24 22:25:14 UTC

Jan:
Why the forward rather than backward dupe?

Comment 6 Jan Safranek 2007-05-25 09:52:14 UTC

If I underestand your question correctly, you are asking why I am going to fix
it in rawhide rather than FC5/6/7? Basically because this is not an
security/important issue and the workaround is available. Maybe it will get back
to Fedoras with some other updates, when there will be enough of them.

Comment 7 Sitsofe Wheeler 2007-05-25 21:17:17 UTC

Jan:
Not quite. Why not mark the rawhide bug as a dup of this one and then mark this
one against rawhide?

Comment 8 Jan Safranek 2007-05-28 07:33:48 UTC

What rawhide bug are you referring to? AFAIK there is no open bug on devel
regarding migration tools and NIS.

Comment 9 Sitsofe Wheeler 2007-05-28 15:34:41 UTC

Jan:
You're right. I must have been confused this one's status with another bug I was
looking at. But since this bug is against exactly the same version of FC as 
188056 it feels like there wasn't any real reason in duplicating forward rather
than back (I think I'll let the issue lie now - in the grand scheme of things so
long as the bug is fixed it doesn't matter).

Comment 10 Jan Safranek 2007-06-08 11:54:36 UTC

Fixed in openldap-2.3.34-3.fc8

Comment 11 Jan Safranek 2007-10-19 14:22:58 UTC

I do not think I will collect enough important fixed to release it in FC6, so
it's fixed only in rawhide (F8 soon) and F7.