Bug 1364277
| Summary: | on a read only replica invalid state info can accumulate | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Noriko Hosoi <nhosoi> |
| Component: | 389-ds-base | Assignee: | Noriko Hosoi <nhosoi> |
| Status: | CLOSED ERRATA | QA Contact: | Viktor Ashirov <vashirov> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.3 | CC: | mreynolds, nhosoi, nkinder, rmeggins, sramling |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | 389-ds-base-1.3.6.1-3.el7 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-08-01 21:10:21 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Noriko Hosoi
2016-08-04 23:02:29 UTC
1). Two master and consumers setup with account policy plugin enabled. [root@ratangad ~]# for PORT in `echo "1189 1289 1389 1489"`; do ldapsearch -D "cn=directory manager" -w Secret123 -h localhost -p 1189 -x -o ldif-wrap=no -b "cn=Account Policy Plugin,cn=plugins,cn=config" |egrep 'alwaysrecordlogin|nsslapd-pluginEnabled' ; done nsslapd-pluginEnabled: on alwaysrecordlogin: yes nsslapd-pluginEnabled: on alwaysrecordlogin: yes nsslapd-pluginEnabled: on alwaysrecordlogin: yes nsslapd-pluginEnabled: on alwaysrecordlogin: yes 2). Stop M2, M1 and C1. [root@ratangad ~]# /usr/lib64/dirsrv/slapd-M1/stop-slapd ; /usr/lib64/dirsrv/slapd-M2/stop-slapd; /usr/lib64/dirsrv/slapd-C1/stop-slapd [root@ratangad ~]# /usr/lib64/dirsrv/slapd-M1/start-slapd 3). [root@ratangad MMR_WINSYNC]# ps -eaf |grep -i slapd dsuser 14061 1 0 19:23 ? 00:00:00 /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-M1 -i /var/run/dirsrv/slapd-M1.pid root 14386 13238 0 19:33 pts/3 00:00:00 grep --color=auto -i slapd [root@ratangad MMR_WINSYNC]# ./AddEntry.sh Users 1189 "ou=people,dc=passsync,dc=com" newtestusr 1 localhost No of entries added will be 1 Adding 1 Users to adding new entry "uid=newtestusr1,ou=people,dc=passsync,dc=com" [root@ratangad MMR_WINSYNC]# ldapsearch -D "uid=newtestusr1,ou=people,dc=passsync,dc=com" -w Secret123 -h localhost -p 1189 -x -o ldif-wrap=no -b "uid=newtestusr1,ou=people,dc=passsync,dc=com" |grep -i "dn: " dn: uid=newtestusr1,ou=People,dc=passsync,dc=com 4). [root@ratangad MMR_WINSYNC]# ldapsearch -D "cn=Directory Manager" -w Secret123 -h localhost -p 1189 -x -b "uid=newtestusr1,ou=people,dc=passsync,dc=com" '+' |grep -i lastLoginTime lastLoginTime: 20160915143756Z 5). Stop M1. Start M2. [root@ratangad MMR_WINSYNC]# /usr/lib64/dirsrv/slapd-M1/stop-slapd ; /usr/lib64/dirsrv/slapd-M2/start-slapd [root@ratangad MMR_WINSYNC]# ldapsearch -D "cn=Directory Manager" -w Secret123 -h localhost -p 1289 -x -b "uid=newtestusr1,ou=people,dc=passsync,dc=com" '+' |grep -i lastLoginTime [root@ratangad MMR_WINSYNC]# 6). To update the lastLoginTime attribute, attempted a bind from M2. Bind as newtestusr1, gives error 49. [root@ratangad MMR_WINSYNC]# ldapsearch -D "uid=newtestusr1,ou=people,dc=passsync,dc=com" -w Secret123 -h localhost -p 1289 -x -o ldif-wrap=no -b "uid=newtestusr1,ou=people,dc=passsync,dc=com" |grep -i "dn: " ldap_bind: Invalid credentials (49) Hi Noriko, the bug is not in ON_QA state. However, I followed the steps to reproduce the issue. But, I am getting error 49 at M2. Please guide me. Thanks! Sankar, why are you trying to verify this bug now? This bug is targeted to rhel-7.4 and the status of this bug is POST, which means there is no official build to have this fix... See the empty Fixed In Version box. Please note that we are including this fix in rhel-6.9 -- bz1316869, but rhel-6.9 has no official build either. Hi Noriko, this was by/my mistake. It was there in RHEL7.3 QE trac ticket. When I started working on it, I didn't notice neither the bug status nor the target release. I was assuming the fix is available with the latest build of RHEL7.3. Half way through my testing, I realized the bug is not targeted for RHEL7.3 release. However, I wanted to continue with the verification steps and add my comments in the bug for future reference. My query in comment #1, was about whether the steps followed were accurate or not. Anyways, I will investigate further about the test case, after verifying other RHEL7.3 bugs. (In reply to Sankar Ramalingam from comment #3) > Hi Noriko, this was by/my mistake. It was there in RHEL7.3 QE trac ticket. > When I started working on it, I didn't notice neither the bug status nor the > target release. I was assuming the fix is available with the latest build of > RHEL7.3. > > Half way through my testing, I realized the bug is not targeted for RHEL7.3 > release. However, I wanted to continue with the verification steps and add > my comments in the bug for future reference. My query in comment #1, was > about whether the steps followed were accurate or not. In Step 5, I stopped M1 first and then started M2. So, it didn't sync entry to other masters and consumers. It should be, start M2 first and then stop M1. This will allow the entries to be synced to M2. Access log messages [17/Sep/2016:05:40:41.397036079 +051800] conn=8 op=0 BIND dn="uid=3newtestusr1,ou=people,dc=passsync,dc=com" method=128 version=3 [17/Sep/2016:05:40:41.397493715 +051800] conn=8 op=0 RESULT err=49 tag=97 nentries=0 etime=0 - No such entry [17/Sep/2016:05:40:41.397775725 +051800] conn=8 op=1 UNBIND Anyways, I will > investigate further about the test case, after verifying other RHEL7.3 bugs. Sankar, 1). Two master and consumers setup with account policy plugin enabled. Please move this part of 3) to the end of 1). [root@ratangad MMR_WINSYNC]# ./AddEntry.sh Users 1189 "ou=people,dc=passsync,dc=com" newtestusr 1 localhost No of entries added will be 1 Adding 1 Users to adding new entry "uid=newtestusr1,ou=people,dc=passsync,dc=com" And double check the entry is replicated. Then, start the rest of the test. Thanks. =============== test session starts ========================
platform linux2 -- Python 2.7.5, pytest-3.1.2, py-1.4.34, pluggy-0.4.0 -- /usr/bin/python
cachedir: .cache
metadata: {'Python': '2.7.5', 'Platform': 'Linux-3.10.0-679.el7.x86_64-x86_64-with-redhat-7.4-Maipo', 'Packages': {'py': '1.4.34', 'pytest': '3.1.2', 'pluggy': '0.4.0'}, 'Plugins': {'beakerlib': '0.7.1', 'html': '1.15.0', 'cov': '2.5.1', 'metadata': '1.5.0'}}
DS build: 1.3.6.1
389-ds-base: 1.3.6.1-16.el7
nss: 3.28.4-8.el7
nspr: 4.13.1-1.0.el7_3
openldap: 2.4.44-5.el7
svrcore: 4.1.3-2.el7
rootdir: /export/tests, inifile:
plugins: metadata-1.5.0, html-1.15.0, cov-2.5.1, beakerlib-0.7.1
collected 1 items
tickets/ticket48944_test.py::test_ticket48944 PASSED
================== 1 passed in 85.20 seconds ====================
Marking it as verified based on the automated test results.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:2086 |