Bug 559016
Summary: | Attempting to rename suffix returns inappropriate errors | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] 389 | Reporter: | Noriko Hosoi <nhosoi> | ||||||
Component: | Directory Server | Assignee: | Noriko Hosoi <nhosoi> | ||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Viktor Ashirov <vashirov> | ||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | 1.3.0 | CC: | amsharma | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2015-12-07 16:43:40 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | |||||||||
Bug Blocks: | 639035 | ||||||||
Attachments: |
|
Description
Noriko Hosoi
2010-01-26 22:01:48 UTC
(In reply to comment #0) > Description of problem: > $ ldapmodify -D 'cn=directory manager' -w pw > dn: dc=example,dc=com > changetype: modrdn > newrdn: dc=new,dc=com > deleteoldrdn: -1 > > modifying RDN of entry dc=example,dc=com > ldap_rename: Invalid DN syntax > ldap_rename: additional info: invalid RDN This case is failing since "dc=new,dc=com" is NOT a valid RDN. There is no way to specify new suffix separated with comma. > $ ldapmodify -D 'cn=directory manager' -w pw > dn: dc=example,dc=com > changetype: modrdn > newrdn: dc=new > deleteoldrdn: -1 > > modifying RDN of entry dc=example,dc=com > ldap_rename: DSA is unwilling to perform > ldap_rename: additional info: Cannot move entries accross backends This error is detected in mapping_tree.c: 2226 int slapi_mapping_tree_select_and_check(Slapi_PBlock *pb,char *newdn, Slapi _Backend **be, Slapi_Entry **referral, char *errorbuf) [...] 2265 if ((*be) && ((*be != new_be) || mtn_sdn_has_child(target_sdn))) 2266 { 2267 ret = LDAP_UNWILLING_TO_PERFORM; 2268 PR_snprintf(errorbuf, BUFSIZ, "Cannot move entries accross backends \n"); 2269 goto unlock_and_return; 2270 } Backend for the new suffix "dc=new,dc=com" has not been created, "new_be" is almost an empty backend. LDAP_UNWILLING_TO_PERFORM is a proper error code, but "Cannot move entries across backends" does not describe the cause of the error correctly. Created attachment 387689 [details]
git patch file
[Fix Description] If the target dn of the modrdn operation is a suffix,
check if the new dn already exists or not. If it exists, it returns
LDAP_ALREADY_EXISTS. If the backend associated with the new dn does
not exist, it returns LDAP_NO_SUCH_OBJECT. Otherwise, it returns
LDAP_NAMING_VIOLATION.
If the target dn of the modrdn is attempted to move across backends,
it returns LDAP_AFFECTS_MULTIPLE_DSAS instead of LDAP_UNWILLING_TO_PERFORM.
Modrdn (op_shared_rename) was logging the parameter errors in the
clients request as SLAPI_LOG_FATAL. Reduced the level to SLAPI_LOG_ARGS.
Also, replaced ldap_explode_dn with slapi_dn_syntax_check to verify
the newsuperior.
By the replacement, 2 bugs in slapi_dn_syntax_check were found.
1) The key for the DN in the hashtable of the attribute syntax has
to be "distinguishedName". 2) Argument type for plg_syntax_validate
was not correct.
[Test Results]
1. Suffix dc=com (backend "com")
1-1. Sub suffix dc=example,dc=com (independent backend "example")
Sub suffix dc=test,dc=com (independent backend "test")
a) rename dc=example to existing RDN dc=test
dn: dc=example,dc=com
changetype: modrdn
newrdn: dc=test
deleteoldrdn: -1
modifying RDN of entry dc=example,dc=com
ldap_rename: Already exists
ldap_rename: additional info: Suffix "dc=test,dc=com" already exists
b) rename dc=example to non-existing RDN dc=bogus
dn: dc=example,dc=com
changetype: modrdn
newrdn: dc=bogus
deleteoldrdn: -1
modifying RDN of entry dc=example,dc=com
ldap_rename: Naming violation
ldap_rename: additional info: Cannot rename suffix "dc=example,dc=com"
1-2. Both dc=example,dc=com and dc=test,dc=com are in the backend "com"
a) rename dc=example to existing RDN dc=test
dn: dc=example,dc=com
changetype: modrdn
newrdn: dc=test
deleteoldrdn: -1
modifying RDN of entry dc=example,dc=com
ldap_rename: Already exists
b) rename dc=example to non-existing RDN dc=bogus
dn: dc=example,dc=com
changetype: modrdn
newrdn: dc=bogus
deleteoldrdn: -1
modifying RDN of entry dc=example,dc=com
# SUCCESS
1-3. Sub suffix dc=example,dc=com (independent backend "example")
dc=test,dc=com is in the backend "com"
a) rename dc=example to existing RDN dc=test
dn: dc=example,dc=com
changetype: modrdn
newrdn: dc=test
deleteoldrdn: -1
modifying RDN of entry dc=example,dc=com
ldap_rename: Naming violation
ldap_rename: additional info: Cannot rename suffix "dc=example,dc=com"
b) rename dc=example to non-existing RDN dc=bogus
dn: dc=example,dc=com
changetype: modrdn
newrdn: dc=bogus
deleteoldrdn: -1
modifying RDN of entry dc=example,dc=com
ldap_rename: Naming violation
ldap_rename: additional info: Cannot rename suffix "dc=example,dc=com"
2. dc=com does not exist
Suffix dc=example,dc=com (independent backend "example")
Suffix dc=test,dc=com (independent backend "test")
a) rename dc=example to existing RDN dc=test
dn: dc=example,dc=com
changetype: modrdn
newrdn: dc=test
deleteoldrdn: -1
modifying RDN of entry dc=example,dc=com
ldap_rename: Already exists
ldap_rename: additional info: Suffix "dc=test,dc=com" already exists
b) rename dc=example to non-existing RDN dc=bogus
dn: dc=example,dc=com
changetype: modrdn
newrdn: dc=bogus
deleteoldrdn: -1
modifying RDN of entry dc=example,dc=com
ldap_rename: No such object
ldap_rename: additional info: Backend for suffix "dc=bogus,dc=com" does not exist
3. Attempt to move an entry across the backend
Suffix dc=example,dc=com (independent backend "example")
Suffix dc=test,dc=com (independent backend "test")
dn: uid=LNestor999,ou=Product Development,dc=example,dc=com
changetype: modrdn
newrdn: uid=LNestor999
deleteoldrdn: -1
newsuperior: dc=test,dc=com
modifying RDN of entry uid=LNestor999,ou=Product Development,dc=example,dc=com and/or moving it beneath a new parent
ldap_rename: Affects multiple servers
ldap_rename: additional info: Cannot move entries accross backends
Reviewed by Nathan (Thank you!!!) Pushed to master. $ git merge work Updating 246527f..1378b05 Fast forward ldap/servers/slapd/mapping_tree.c | 51 +++++++++++++++++++++++++++++++++--- ldap/servers/slapd/modrdn.c | 25 ++++++++---------- ldap/servers/slapd/plugin_syntax.c | 4 +- 3 files changed, 60 insertions(+), 20 deletions(-) $ git push Counting objects: 15, done. Delta compression using 4 threads. Compressing objects: 100% (8/8), done. Writing objects: 100% (8/8), 1.98 KiB, done. Total 8 (delta 6), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 246527f..1378b05 master -> master Created attachment 511922 [details] DS-Console_SS Hi Noriko, Currently, I am having two sub suffixes with same name with different backed: namingContexts: dc=simplepaged,dc=com - simpledDB namingContexts: dc=SubSuffix,dc=simplepaged,dc=com - simpleSubnewDB namingContexts: dc=SubSufix,dc=simplepaged,dc=com -simpleSubDB Is it correct? Also when I am trying the first test scenario in comment#3, I am facing issue like : 1. I have added in DIT as : 1. Suffix dc=com (backend "com") 1-1. Sub suffix dc=example,dc=com (independent backend "example") Sub suffix dc=test,dc=com (independent backend "test") 2. When I am doing [root@rhel61 home]# ldapmodify -x -h localhost -p 1389 -D "cn=Directory Manager" -w Secret123 << EOF dn: dc=example,dc=com changetype: modrdn newrdn: dc=test deleteoldrdn: -1 EOF It is giving me below error ============================= modifying rdn of entry "dc=example,dc=com" ldap_rename: Naming violation (64) additional info: Cannot rename suffix "dc=example,dc=com" Instead of ========== modifying RDN of entry dc=example,dc=com ldap_rename: Already exists ldap_rename: additional info: Suffix "dc=test,dc=com" already exists and When I am checking the existence of suffix by ldapsearch -x -p 1389 -h localhost -D "cn=Directory Manager" -w Secret123 -b "" -s base "objectclass=*" This also gives me : dn: objectClass: top namingContexts: dc=com namingContexts: dc=example,dc=com namingContexts: dc=simplepaged,dc=com namingContexts: dc=SubSuffix,dc=simplepaged,dc=com namingContexts: dc=SubSufix,dc=simplepaged,dc=com namingContexts: o=netscaperoot NOTE :dc=test,dc=com is missing here above. But check the DS CONSOLE screen shot, PFA for the screen shot, It shows the sub-suffix dc=test,dc=com. Note: I have added the suffix and sub-suffixes using console, but that should not be an issue. It works for me. $ ldapsearch -LLLx -D 'cn=directory manager' -w pw -b "" -s base namingContexts dn: namingContexts: dc=com namingContexts: dc=test,dc=com namingContexts: dc=example,dc=com namingContexts: o=netscaperoot $ ldapmodify -x -D 'cn=directory manager' -w pw dn: dc=example,dc=com changetype: modrdn newrdn: dc=test deleteoldrdn: -1 modifying rdn of entry "dc=example,dc=com" ldap_rename: Already exists (68) additional info: Suffix "dc=test,dc=com" already exists If your server is the same one as you attached the screenshot, you don't have dc=test,dc=com (but dc=test,dc=com,dc=com). |