RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1184585 - slaptest doesn't convert perlModuleConfig lines
Summary: slaptest doesn't convert perlModuleConfig lines
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: openldap
Version: 7.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Matus Honek
QA Contact: Patrik Kis
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-01-21 18:01 UTC by Nate Straz
Modified: 2015-11-19 08:52 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: missing code that should handle converting perlModulConfig lines Consequence: these lines were ignored running slaptest Fix: fixed by adding logic to code Result: slaptest now correctly converts the lines
Clone Of:
: 1211890 (view as bug list)
Environment:
Last Closed: 2015-11-19 08:52:54 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
patch v1 (801 bytes, patch)
2015-04-14 13:02 UTC, Jan Synacek 		no flags Details | Diff
patch v2 (1.53 KB, patch)
2015-04-24 12:09 UTC, Jan Synacek 		no flags Details | Diff
patch v3 (1.18 KB, patch)
2015-04-27 07:34 UTC, Jan Synacek 		no flags Details | Diff
Show Obsolete (1) View All


Links
System ID Private Priority Status Summary Last Updated
OpenLDAP ITS 8105 0 None None None Never
Red Hat Product Errata RHSA-2015:2131 0 normal SHIPPED_LIVE Moderate: openldap security, bug fix, and enhancement update 2015-11-19 09:10:21 UTC

Description Nate Straz 2015-01-21 18:01:56 UTC 
Description of problem:

When using the perl backend, slaptest doesn't convert perlModuleConfig lines from slapd.conf to slapd.d.
[root@host-049 openldap]# cat perl/PerlConf.pm
#!/usr/bin/perl

package PerlConf;

use strict;
use warnings;
use POSIX;
use Data::Dumper;

sub new {
        my $class = shift;

        my $this = {};
        bless $this, $class;
        print {*STDERR} "PerlConf module loaded\n";
        $this->{test} = 0;

        return $this;
}

sub init {
        my $this = shift;
        my $log = $this->{LOG};

        if (!$this->{test}) {
                print {*STDERR} "FAIL Config option missing\n";
                return 1;
        } else {
                print {*STDERR} "PASS Config option set\n";
        }

        return 0;
}

sub search {
        my $this = shift;
        my ( $base, $scope, $deref, $sizeLim, $timeLim, $filter, $attrOnly, @attrs ) = @_;

        my @match_entries = ();

        return ( 0, @match_entries );
}

sub config {
        my $this = shift;
        my $log = $this->{LOG};

        my (@args) = @_;
        print {*STDERR} "config\n";

        my $test = shift @args;

        if ($test eq "ItWorked") {
                print {*STDERR} "GOOD Config option found\n";
                $this->{test} = 1;
                return 0;
        }

        print {*STDERR} "FAIL Config option missing\n";
        return 1;
}

1;


[root@host-049 openldap]# cat slapd.conf
include /etc/openldap/schema/core.schema

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
moduleload back_perl.la
database perl
perlModulePath /etc/openldap/perl
perlModule PerlConf
perlModuleConfig ItWorked
suffix "dc=perl,dc=test"
rootdn "cn=Manager,dc=perl,dc=test"




Version-Release number of selected component (if applicable):
openldap-servers-2.4.39-6.el7.x86_64

How reproducible:
Easily

Steps to Reproduce:
1. copy PerlConf.pm from above to /etc/openldap/perl
2. copy slapd.conf from above to /etc/openldap
3. slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
4. chown -R ldap.ldap /etc/openldap/slapd.d
5. restorecon -R /etc/openldap/slapd.d
6. systemctl start slapd.service


Actual results:
[root@host-049 openldap]# rm -rf slapd.d
[root@host-049 openldap]# ls
certs  check_password.conf  ldap.conf  perl  schema  slapd.conf
[root@host-049 openldap]# slaptest -f slapd.conf
PerlConf module loaded
config
GOOD Config option found
PASS Config option set
config file testing succeeded
[root@host-049 openldap]# mkdir slapd.d
[root@host-049 openldap]# slaptest -f slapd.conf -F slapd.d
PerlConf module loaded
config
GOOD Config option found
PASS Config option set
config file testing succeeded
[root@host-049 openldap]# chown -R ldap.ldap slapd.d
[root@host-049 openldap]# restorecon -R slapd.d
[root@host-049 openldap]# systemctl start slapd
Job for slapd.service failed. See 'systemctl status slapd.service' and 'journalctl -xn' for details.
[root@host-049 openldap]# systemctl status slapd
slapd.service - OpenLDAP Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/slapd.service; disabled)
   Active: failed (Result: exit-code) since Wed 2015-01-21 11:58:32 CST; 4s ago
     Docs: man:slapd
           man:slapd-config
           man:slapd-hdb
           man:slapd-mdb
           file:///usr/share/doc/openldap-servers/guide.html
  Process: 28874 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS (code=exited, status=1/FAILURE)
  Process: 28861 ExecStartPre=/usr/libexec/openldap/check-config.sh (code=exited, status=0/SUCCESS)

Jan 21 11:58:32 host-049.virt.lab.msp.redhat.com systemd[1]: Starting OpenLDAP Server Daemon...
Jan 21 11:58:32 host-049.virt.lab.msp.redhat.com runuser[28864]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jan 21 11:58:32 host-049.virt.lab.msp.redhat.com slapd[28874]: @(#) $OpenLDAP: slapd 2.4.39 (Dec  9 2014 03:55:47) $
                                                                       mockbuild.eng.bos.redhat.com:/builddir/build/BUILD/openldap-2.4.39/openldap-2.4.39/servers/slapd
Jan 21 11:58:32 host-049.virt.lab.msp.redhat.com slapd[28874]: PerlConf module loaded
Jan 21 11:58:32 host-049.virt.lab.msp.redhat.com systemd[1]: slapd.service: control process exited, code=exited status=1
Jan 21 11:58:32 host-049.virt.lab.msp.redhat.com systemd[1]: Failed to start OpenLDAP Server Daemon.
Jan 21 11:58:32 host-049.virt.lab.msp.redhat.com systemd[1]: Unit slapd.service entered failed state.


Expected results:
The config token ItWorked should be found in /etc/openldap/slapd.d and the perl module should see the config option when slapd starts as a service.


Additional info:
Comment 2 Jan Synacek 2015-04-14 13:02:50 UTC 
Created attachment 1014301 [details]
patch v1
Comment 5 Nate Straz 2015-04-15 16:12:57 UTC 
I don't think this is working correctly with multiple args.

perlModuleConfig homedir /mnt/nate0

gets converted to

olcPerlModuleConfig: homedir
olcPerlModuleConfig: /mnt/nate0

Which is then fed to the module in separate calls.

Apr 15 11:12:41 host-057 slapd: Setting config option homedir: /home ->
Apr 15 11:12:41 host-057 slapd: Not a valid config option: /mnt/nate0
Comment 6 Jan Synacek 2015-04-24 12:09:00 UTC 
Created attachment 1018437 [details]
patch v2
Comment 7 Jan Synacek 2015-04-27 07:34:15 UTC 
Created attachment 1019260 [details]
patch v3
Comment 8 Jan Synacek 2015-04-27 11:58:52 UTC 
The patch is now committed upstream:

http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=fb1bf1caa82aa75eb5924e8c338da11f47854408
Comment 13 errata-xmlrpc 2015-11-19 08:52:54 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-2131.html
Note You need to log in before you can comment on or make changes to this bug.