Bug 428037

Summary: services with multiple ports cause migration scripts to fail
Product: [Fedora] Fedora
Reporter: Daniel Qarras <dqarras>
Component: openldap
Assignee: Jan Safranek <jsafrane>
Status: CLOSED WONTFIX
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium
Priority: low
Version: 8
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2008-01-14 09:19:29 UTC

Description Daniel Qarras 2008-01-08 21:00:26 UTC
This is almost the same as the earlier Bug 201183 I reported:

Services using two different ports for tcp/udp cause migration scripts to fail.
The services currently causing the problems are:

raid-am         2007/udp
raid-am         2013/tcp
terminaldb      2008/udp
terminaldb      2018/tcp
whosockami      2009/udp
whosockami      2019/tcp

With /usr/share/openldap/migration/migrate_all_offline.sh I get:

...
Preparing LDAP database...
=> bdb_tool_entry_put: id2entry_add failed: DB_KEYEXIST: Key/data pair already
exists (-30996)
=> bdb_tool_entry_put: txn_aborted! DB_KEYEXIST: Key/data pair already exists
(-30996)
slapadd: could not add entry dn="cn=raid-am,ou=Services,dc=domain" (line=16502):
txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996)
Migration failed: saving failed LDIF to /tmp/nis.ldif.WL3357

With /usr/share/openldap/migration/migrate_all_online.sh I get:

adding new entry "cn=nextstep,ou=Services,dc=intra"
ldapadd: Type or value exists (20)
        additional info: cn: value #0 provided more than once

Please consider fixing. Please also double check other similar cases, I did only
these two quick tests.

Thanks.

Comment 1 Jan Safranek 2008-01-14 09:19:29 UTC
This is a common limitation of the LDAP schema for services: /etc/services cannot
be fully translated into an LDAP database. RFC 2307 ("Using LDAP as a Network
Information Service") allows mapping from a service name to a port number/protocols
pair. It cannot map one service to port_A/udp and the same service to port_B/tcp
if A != B. The LDAP server fails to add the second mapping.

It's up to the network administrator to decide:
- whether he/she wants to have only TCP or UDP in the LDAP database
- or rename the service to have a different name for the udp and tcp variants
- or change the port numbers to the same number for TCP and UDP
and manually modify the .ldif file.

Comment 2 Daniel Qarras 2008-01-14 17:06:09 UTC
So basically now the migration scripts cannot be used on a standard Fedora
installation. It would be nice to get at least a clear warning about this or
perhaps even a command line switch to ignore problematic entries.

Thanks.
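
A pre-migration check for the conflict described in comment 1, as an added example that is not part of this bug report or of the OpenLDAP migration scripts: it scans /etc/services-format text and reports every service name bound to more than one port number, so the entries can be fixed before the LDIF is generated. The function names and the sample data are assumptions made for illustration; the three conflicting services in the sample are the ones listed in the description.

```python
import sys
from collections import defaultdict

# Constructed sample in /etc/services format; the three two-port services
# are the ones listed in the bug description.
SAMPLE = """\
# name          port/proto  aliases
ssh             22/tcp
ssh             22/udp
domain          53/tcp      nameserver   # same port on both protocols
domain          53/udp      nameserver
raid-am         2007/udp
raid-am         2013/tcp
terminaldb      2008/udp
terminaldb      2018/tcp
whosockami      2009/udp
whosockami      2019/tcp
"""

def parse_services(text):
    """Yield (name, port, proto) for each well-formed services line."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # drop comments, then tokenize
        if len(fields) < 2 or "/" not in fields[1]:
            continue
        port, proto = fields[1].split("/", 1)
        if port.isdigit():
            yield fields[0], int(port), proto.lower()

def port_conflicts(text):
    """Map each service name that uses more than one port to {port: [protos]}."""
    seen = defaultdict(lambda: defaultdict(list))
    for name, port, proto in parse_services(text):
        seen[name][port].append(proto)
    return {n: {p: sorted(v) for p, v in ports.items()}
            for n, ports in seen.items() if len(ports) > 1}

if __name__ == "__main__":
    # With a path argument, check that file; otherwise check the sample above.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    conflicts = port_conflicts(text)
    for name, ports in sorted(conflicts.items()):
        detail = ", ".join(f"{p}/{'+'.join(v)}" for p, v in sorted(ports.items()))
        print(f"{name}: {detail}")
    sys.exit(1 if conflicts else 0)   # non-zero exit lets a wrapper script stop
```

Each name it reports needs one of the three manual resolutions listed in comment 1 before the migration is run.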