| Summary: | Overlay refint option refint_nothing doesn't function correctly | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | David Spurek <dspurek> | ||||
| Component: | openldap | Assignee: | Jan Vcelak <jvcelak> | ||||
| Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | 6.1 | CC: | ebenes, jplans, jvcelak, ksrot, omoris, ovasik, tsmetana | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | openldap-2.4.23-18.el6 | Doc Type: | Bug Fix | ||||
| Doc Text: |
- openldap-servers package installed, refint overlay set up, refint_nothing option used
- when an entry which is referenced by some of refint_attributes is deleted, the value of the attribute is not replaced by the value in refint_nothing option, but is left untouched
- upstream patch applied to target this issue
- refint_nothing option works as described in documentation
|
Story Points: | --- | ||||
| Clone Of: | |||||||
| : | 733072 (view as bug list) | Environment: | |||||
| Last Closed: | 2011-12-06 11:49:22 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Bug Depends On: | |||||||
| Bug Blocks: | 733072 | ||||||
| Attachments: |
|
||||||
I found the problem, working on resolution.
bdb_modify: uid=ldap2,ou=People,dc=my-domain,dc=com
bdb_dn2entry("uid=ldap2,ou=people,dc=my-domain,dc=com")
bdb_modify_internal: 0x00000005: uid=ldap2,ou=People,dc=my-domain,dc=com
bdb_modify_internal: delete gecos
bdb_modify_internal: replace modifiersName
bdb_modify_internal: delete gecos
bdb_modify_internal: 16 modify/delete: gecos: no such attribute
bdb_modify: modify failed (16)
send_ldap_result: conn=-1 op=0 p=0
send_ldap_result: err=16 matched="" text="modify/delete: gecos: no such attribute"
refint_repair: dependent modify failed: 16
Upstream report: http://www.openldap.org/its/index.cgi?findid=6663 Upstream resolution: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=4ce7f5d Tested, the fix works. Fixed in openldap-2.4.23-18.el6
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
- openldap-servers package installed, refint overlay set up, refint_nothing option used
- when an entry which is referenced by some of refint_attributes is deleted, the value of the attribute is not replaced by the value in refint_nothing option, but is left untouched
- upstream patch applied to target this issue
- refint_nothing option works as described in documentation
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2011-1514.html |
Created attachment 515097 [details] Slapd configuration file Description of problem: Overlay refint option refint_nothing doesn't function correctly. After delete the last value, an arbitrary value should be used as a placeholder. Attribute doesn't have an arbitrary value, but last value before delete. Version-Release number of selected component (if applicable): openldap-servers-2.4.23-15.el6 How reproducible: always Steps to Reproduce: 1.slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d/ (slapd.conf is in attachement) 2.add entry dn: dc=my-domain,dc=com objectClass: dcObject objectClass: organization dc: my-domain o: my-domain description: my-domain dn: cn=Manager,dc=my-domain,dc=com objectClass: organizationalRole cn: Manager description: Directory Manager dn: ou=People,dc=my-domain,dc=com objectClass: organizationalUnit ou: People dn: uid=ldap1,ou=People,dc=my-domain,dc=com cn: ldap1 objectClass: account objectClass: posixAccount objectClass: top uid: ldap1 uidNumber: 10001 gidNumber: 10001 homeDirectory: /home/ldap/ldap1 gecos: ldap1_user loginShell: /bin/sh userPassword: {SSHA}vXxC+eHHxf4p16273jJfK1xGrMSn+aUT dn: uid=ldap2,ou=People,dc=my-domain,dc=com cn: ldap2 objectClass: account objectClass: posixAccount objectClass: top uid: ldap2 uidNumber: 10002 gidNumber: 10002 homeDirectory: /home/ldap/ldap2 gecos: uid=ldap1,ou=People,dc=my-domain,dc=com loginShell: /bin/sh userPassword: {SSHA}vXxC+eHHxf4p16273jJfK1xGrMSn+aUT 3.ldapdelete -x -D cn=Manager,dc=my-domain,dc=com -w x uid=ldap1,ou=People,dc=my-domain,dc=com 4.ldapsearch -LLL -b dc=my-domain,dc=com -x "(uid=ldap2)" gecos Actual results: dn: uid=ldap2,ou=People,dc=my-domain,dc=com gecos: uid=ldap1,ou=People,dc=my-domain,dc=com Expected results: dn: uid=ldap2,ou=People,dc=my-domain,dc=com gecos: cn=missing,dc=my-domain,dc=com Additional info: When option refint_nothing missing, the attribute gecos is correctly missing in entry uid=ldap2,ou=People,dc=my-domain,dc=com.