Bug 658312
Summary: | Managed Entry plugin is not able to stop the match on $cn, or use a source 'DN' as a mappable attribute. | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] 389 | Reporter: | Jr Aquino <jr.aquino> | ||||||
Component: | Directory Server | Assignee: | Nathan Kinder <nkinder> | ||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Viktor Ashirov <vashirov> | ||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | high | ||||||||
Version: | 1.2.7 | CC: | amsharma, jgalipea, nkinder, rmeggins | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2015-12-07 17:13:51 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | |||||||||
Bug Blocks: | 639035 | ||||||||
Attachments: |
|
Description
Jr Aquino
2010-11-29 23:41:44 UTC
There are a few things we should do to resolve this. The first is to allow a mapping in the template entry that maps the DN like this: attr: $dn The second thing we need to do is to stop parsing an attribute variable at the first character that is not legal in an attribute name (see RFC 4512 for what is legal). This would allow a mapping like this to work: attr: cn=$cn,dc=example,dc=com The third thing we should do is to allow quoting of an attribute variable. This will allow one to append anything to the end of a mapped attribute value, even if it begins with a character that is valid for use in an attribute name. An example of this sort of mapping is: attr: ${cn}test Created attachment 463847 [details]
Patch
Do we need to release a 1.2.7.2 with this fix or can this wait until 1.2.8? Pushed to master. Thanks to Rich for his review! Counting objects: 15, done. Delta compression using up to 2 threads. Compressing objects: 100% (8/8), done. Writing objects: 100% (8/8), 1.83 KiB, done. Total 8 (delta 5), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git bae65ae..0f49793 master -> master Created attachment 467320 [details]
Additional patch
The previous patch introduced an invalid free. This fixes it.
Pushed additional patch to master. Thanks to Noriko for her review! Counting objects: 13, done. Delta compression using up to 2 threads. Compressing objects: 100% (7/7), done. Writing objects: 100% (7/7), 877 bytes, done. Total 7 (delta 4), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git bfe31ac..6d7ddbb master -> master Can you please define the steps for "Attempt to create a Managed Entry ldif with a DN as a source attribute, the system will complain that "dn" is not a valid attr." for verifying this issue. Thanks (In reply to comment #8) > Can you please define the steps for "Attempt to create a Managed Entry ldif > with a DN as a source attribute, the system will complain that "dn" is not a > valid attr." for verifying this issue. Thanks Set up the Managed Entry plug-in according to the description at http://directory.fedoraproject.org/wiki/Managed_Entry_Design, but use $dn as a mapped attribute in the template like this: mepMappedAttr: description: $dn [root@testvm scripts]# ldapmodify -x -a -h localhost -p 389 -D "cn=Directory Manager" -w xxx << EOF
> dn: cn=UPG Template,dc=test,dc=com
> objectclass: mepTemplateEntry
> cn: UPG Template
> mepRDNAttr: cn
> mepStaticAttr: objectclass: posixGroup
> mepMappedAttr: cn: $uid
> mepMappedAttr: gidNumber: $gidNumber
> mepMappedAttr: description: $dn
> EOF
adding new entry "cn=UPG Template,dc=test,dc=com"
|