Bug 693520

Summary: matching rules do not inherit from superior attribute type
Product: Red Hat Enterprise Linux 6 Reporter: Rich Megginson <rmeggins>
Component: 389-ds-baseAssignee: Rich Megginson <rmeggins>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: high Docs Contact:
Priority: high    
Version: 6.1CC: amsharma, benl, dpal, jgalipea, kevinu
Target Milestone: rcKeywords: screened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 389-ds-base-1.2.8.0-2.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 693503 Environment:
Last Closed: 2011-05-19 12:43:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 693503    
Bug Blocks: 639035, 656390    

Description Rich Megginson 2011-04-04 21:12:07 UTC 
+++ This bug was initially created as a clone of Bug #693503 +++

If you have an attribute with a SUP somename, the attribute type does not inherit the matching rules from somename.

--- Additional comment from rmeggins on 2011-04-04 17:11:16 EDT ---

Created attachment 489857 [details]
0004-Bug-693503-matching-rules-do-not-inherit-from-superi.patch
Comment 4 Amita Sharma 2011-04-27 08:11:19 UTC 
Hi Rich,

Please help me with the verification steps.

Thanks,
Amita
Comment 5 Rich Megginson 2011-04-27 13:25:06 UTC 
1) find or create an attributetype that has SYNTAX and at least one matching rule (EQUALITY ORDERING or SUBSTRING)
2) find or create an attributetype that has as the SUP the attribute from step 1) - this attribute type should not specify SYNTAX or any matching rule
3) if you search the schema via LDAP (ldapsearch ... -s base -b "cn=schema" 'objectclass=*' attributetypes) you should see the attribute type from step 2 with SYNTAX and matching rules from the SUP
Comment 6 Amita Sharma 2011-04-28 11:22:20 UTC 
Thanks Rich. Executed below steps :

1. create an attributetype that has SYNTAX and at least one matching
rule (EQUALITY ORDERING or SUBSTRING)

 [root@rheltest slapd-rheltest]# ldapmodify -x -h localhost -p 1389 -D "cn=directory manager" -w Secret123 -v << EOF
> dn: cn=schema
> changetype: modify
> add: attributetypes
> attributetypes: ( 1.2.3.4.5.6.1 NAME 'dateofbirth' DESC 'For employee birthdays' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUED X-ORIGIN 'Example defined')
> EOF
ldap_initialize( ldap://localhost:1389 )
add attributetypes:
	( 1.2.3.4.5.6.1 NAME 'dateofbirth' DESC 'For employee birthdays' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUED X-ORIGIN 'Example defined')
modifying entry "cn=schema"
modify complete

2. create an attributetype that has as the SUP the attribute from step
1) - this attribute type should not specify SYNTAX or any matching rule

ldapmodify -x -h localhost -p 1389 -D "cn=directory manager" -w Secret123 -v << EOF
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes:( 2.16.840.1.113730.3.8.3.3 NAME 'enrolledBy' DESC 'DN of administrator who performed manual enrollment of the host' SUP dateofbirth X-ORIGIN 'IPA V2' )
EOF

ldap_initialize( ldap://localhost:1389 )
add attributeTypes:
	( 2.16.840.1.113730.3.8.3.3 NAME 'enrolledBy' DESC 'DN of administrator who performed manual enrollment of the host' SUP dateofbirth X-ORIGIN 'IPA V2' )
modifying entry "cn=schema"
modify complete

3. if you search the schema via LDAP (ldapsearch ... -s base -b "cn=schema"
'objectclass=*' attributetypes) you should see the attribute type from step 2
with SYNTAX and matching rules from the SUP

ldapsearch -x -h localhost -p 1389 -D "cn=Directory Manager" -w Secret123 -s base -b "cn=schema" 'objectclass=*' attributetypes
attributetypes: ( 2.16.840.1.113730.3.8.3.3 NAME 'enrolledBy' DESC 'DN of admi
 nistrator who performed manual enrollment of the host' SUP dateofbirth EQUALI
 TY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN ( 'IPA V2' 'use
 r defined' ) )


Bug is VERIFIED but one observation in case I will modify the First Attribute type using ldapmodify say I will add some new matching rule to the first attribute type then the changes are not reflecting to the Second attribute type which is using first as SUP. Please share your opinion about it?
Comment 7 Rich Megginson 2011-04-28 13:32:56 UTC 
(In reply to comment #6)
> Bug is VERIFIED but one observation in case I will modify the First Attribute
> type using ldapmodify say I will add some new matching rule to the first
> attribute type then the changes are not reflecting to the Second attribute type
> which is using first as SUP. Please share your opinion about it?

That's not currently supported.
Comment 8 Amita Sharma 2011-04-29 05:55:46 UTC 
Ok, thanks Rich. Marking the bug as VERIFIED.
Comment 9 errata-xmlrpc 2011-05-19 12:43:04 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0533.html