This bug is created as a clone of upstream ticket: https://fedorahosted.org/389/ticket/48252 1) Create the entry # ldapadd -cvvvv -D "cn=Directory Manager" -W -f /root/ldif/create-posix-user2.ldif ldap_initialize( <DEFAULT> ) add objectClass: top account posixAccount shadowAccount add cn: Non Secure User add uid: user80 add uidNumber: 80 add gidNumber: 80 add homeDirectory: /home/insecure add loginShell: /bin/bash add userpassword: {CLEAR}redhat adding new entry "uid=user80,ou=People,dc=coe,dc=muc,dc=redhat,dc=com" modify complete 2) Check the index file # dbscan -f /var/lib/dirsrv/slapd-tscherf54/db/userRoot/gidNumber.db4 |grep "=80" =80 3) Delete the entry # ldapdelete -vx -D "cn=Directory Manager" -W "uid=user80,ou=People,dc=coe,dc=muc,dc=redhat,dc=com" ldap_initialize( <DEFAULT> ) deleting entry "uid=user80,ou=People,dc=coe,dc=muc,dc=redhat,dc=com" 4) Verify the value from deleted entry has been removed from index # dbscan -f /var/lib/dirsrv/slapd-tscherf54/db/userRoot/gidNumber.db4 |grep "=80" # 5) Run db2index again # /usr/lib64/dirsrv/slapd-tscherf54/db2index.pl -n userRoot -D "cn=Directory Manager" -W -t gidNumber adding new entry "cn=db2index_2015_8_19_10_34_41, cn=index, cn=tasks, cn=config" 6) Value from removed entry shows up in index file again # dbscan -f /var/lib/dirsrv/slapd-tscherf54/db/userRoot/gidNumber.db4 |grep "=80" =80 7) ldapsearch fails to find the removed entry and there is also nothing related in the error log: # ldapsearch -x gidNumber=80 # extended LDIF # # LDAPv3 # base <dc=coe,dc=muc,dc=redhat,dc=com> (default) with scope subtree # filter: gidNumber=80 # requesting: ALL # # search result search: 2 result: 0 Success # numResponses: 1
Build tested: 389-ds-base-1.2.11.15-74.el6.x86_64 # ldapadd -D "cn=Directory Manager" -w Secret123 dn: uid=user80,ou=People,dc=example,dc=com objectClass: top objectClass: account objectClass: posixAccount objectClass: shadowAccount cn: Non Secure User uid: user80 gidNumber: 80 uidNumber: 80 homeDirectory: /home/insecure loginShell: /bin/bash userPassword: {CLEAR}redhat adding new entry "uid=user80,ou=People,dc=example,dc=com" # dbscan -f /var/lib/dirsrv/slapd-rhel6ds/db/userRoot/gidnumber.db4 |grep "=80" =80 # ldapdelete -D "cn=Directory Manager" -w Secret123 "uid=user80,ou=People,dc=example,dc=com" after some time entry is removed from the index: # dbscan -f /var/lib/dirsrv/slapd-rhel6ds/db/userRoot/gidnumber.db4 |grep "=80" -c 0 # /usr/lib64/dirsrv/slapd-rhel6ds/db2index.pl -n userRoot -D "cn=Directory Manager" -w Secret123 -t gidNumber adding new entry "cn=db2index_2016_3_31_16_28_53, cn=index, cn=tasks, cn=config" # dbscan -f /var/lib/dirsrv/slapd-rhel6ds/db/userRoot/gidnumber.db4 |grep "=80" -c 0 Value from the removed entry didn't reappear, marking as VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-0737.html