Bug 573375 - MODRDN operation not logged
Summary: MODRDN operation not logged
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: 389
Classification: Retired
Component: Directory Server
Version: 1.2.6
Hardware: x86_64
OS: Linux
low
low
Target Milestone: ---
Assignee: Endi Sukma Dewata
QA Contact: Viktor Ashirov
URL:
Whiteboard:
Depends On:
Blocks: 434914 389_1.2.6
TreeView+ depends on / blocked
 
Reported: 2010-03-14 13:43 UTC by Andrey Ivanov
Modified: 2015-12-07 17:10 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-12-07 17:10:28 UTC


Attachments (Terms of Use)
Import this file to reproduce the bug (2.45 KB, application/octet-stream)
2010-03-17 07:23 UTC, Andrey Ivanov
no flags Details
Test case (2.45 KB, application/octet-stream)
2010-03-17 07:24 UTC, Andrey Ivanov
no flags Details
0001-Bug-573375-MODRDN-operation-not-logged.patch (1.32 KB, patch)
2010-03-17 21:48 UTC, Endi Sukma Dewata
nhosoi: review+
Details | Diff

Description Andrey Ivanov 2010-03-14 13:43:08 UTC
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)

MODRDN operation does not generate the corresponding log line in access log 

Reproducible: Always

Steps to Reproduce:
1. Import export.ldif by ldif2db

2. Make modrdn with modrdn.ldif
/usr/bin/ldapmodify -x -D 'cn=Director Manager' -w '<mdp>' -f modrdn.ldif 

3. Watch the access log, op=1
Actual Results:  
[14/Mar/2010:14:16:01 +0100] conn=7 fd=128 slot=128 connection from 127.0.0.1 to 127.0.0.1
[14/Mar/2010:14:16:01 +0100] conn=7 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[14/Mar/2010:14:16:01 +0100] conn=7 op=0 RESULT err=0 tag=97 nentries=0 etime=0.010000 dn="cn=Directory Manager"
[14/Mar/2010:14:16:01 +0100] conn=7 op=1 RESULT err=0 tag=109 nentries=0 etime=0.002000
[14/Mar/2010:14:16:01 +0100] conn=7 op=2 UNBIND
[14/Mar/2010:14:16:01 +0100] conn=7 op=2 fd=128 closed - U1

Expected Results:  
Additional MODRDN line in logs like 
[01/Feb/2010:14:47:10 +0100] conn=439077 op=4 MODRDN dn="uid=toto,ou=users,dc=example,dc=com" newrdn="uid=tata" newsuperior="ou=users,dc=example,dc=com"

The tag=109 corresponds to the result of moddn operation, so the RESULT part of the operation is logged, only the MODRDN part is absent.

Comment 1 Endi Sukma Dewata 2010-03-17 02:39:21 UTC
Andrey, could you provide the content of modrdn.ldif? Did you try this with a regular ldapmodrdn tool as well? Thanks.

Comment 2 Andrey Ivanov 2010-03-17 07:21:50 UTC
The modrdn.ldif file contains any modrdn operation (without changing the superior).

Here is how to reproduce it with ldapmodrdn :

* import the attached ldif file into the directory server:
 service dirsrv stop; /usr/lib64/dirsrv/slapd-krb5test/ldif2db -n userRoot -i modrdn-logs-bug.ldif ; service dirsrv start


* Make the MODRDN operation:
ldapmodrdn -x -h localhost -D "cn=Directory Manager" -w secret123 uid=TVradmin0,ou=Accounting,dc=example,dc=com uid=CoolAdmin

* Watch the access log :
tail -f /var/log/dirsrv/slapd-<slapd-id>/access

The result is:
[17/Mar/2010:08:16:08 +0100] conn=2 fd=64 slot=64 connection from 127.0.0.1 to 127.0.0.1
[17/Mar/2010:08:16:08 +0100] conn=2 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[17/Mar/2010:08:16:08 +0100] conn=2 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[17/Mar/2010:08:16:08 +0100] conn=2 op=1 RESULT err=0 tag=109 nentries=0 etime=0
[17/Mar/2010:08:16:08 +0100] conn=2 op=2 UNBIND
[17/Mar/2010:08:16:08 +0100] conn=2 op=2 fd=64 closed - U1

Comment 3 Andrey Ivanov 2010-03-17 07:23:02 UTC
Created attachment 400653 [details]
Import this file to reproduce the bug

Comment 4 Andrey Ivanov 2010-03-17 07:24:59 UTC
Created attachment 400654 [details]
Test case

Comment 5 Endi Sukma Dewata 2010-03-17 21:48:04 UTC
Created attachment 400890 [details]
0001-Bug-573375-MODRDN-operation-not-logged.patch

Comment 6 Noriko Hosoi 2010-03-17 22:39:36 UTC
Comment on attachment 400890 [details]
0001-Bug-573375-MODRDN-operation-not-logged.patch

Ack.

Thanks for fixing the bug, Endi!

Comment 7 Noriko Hosoi 2010-03-18 16:49:41 UTC
Pushed to master on behalf of Endi.

$ git push
Counting objects: 11, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 740 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   0cd1fc4..d06cce8  master -> master

$ git log
commit d06cce8da19faba2a8d664c28123cda5808610c9
Author: Endi S. Dewata <edewata@redhat.com>
Date:   Wed Mar 17 16:05:53 2010 -0500

    Bug 573375 - MODRDN operation not logged
    
    https://bugzilla.redhat.com/show_bug.cgi?id=573375
    Resolves: bug 573375
    Bug Description: MODRDN operation not logged
    Fix Description: The slapi_log_access() should be invoked using
    LDAP_DEBUG_STATS, LDAP_DEBUG_STATS2, or LDAP_DEBUG_ARGS level.

commit 0cd1fc49e67e396cf5391a591c83fd1ad0df9d2b
[...]

Comment 10 Noriko Hosoi 2010-03-23 16:27:59 UTC
Pushed to Directory_Server_8_2_Branch.

$ git cherry-pick d06cce8da19faba2a8d664c28123cda5808610c9
Finished one cherry-pick.
[ds82-local 2e7f973] Bug 573375 - MODRDN operation not logged
 1 files changed, 2 insertions(+), 2 deletions(-)

$ git log
commit 2e7f9732cdc84a4b2d458aae4bc09f8de7b59a73
Author: Endi S. Dewata <edewata@redhat.com>
Date:   Wed Mar 17 16:05:53 2010 -0500

    Bug 573375 - MODRDN operation not logged
    
    https://bugzilla.redhat.com/show_bug.cgi?id=573375
    Resolves: bug 573375
    Bug Description: MODRDN operation not logged
    Fix Description: The slapi_log_access() should be invoked using
    LDAP_DEBUG_STATS, LDAP_DEBUG_STATS2, or LDAP_DEBUG_ARGS level.

$ git push origin ds82-local:Directory_Server_8_2_Branch
Counting objects: 11, done.
Delta compression using 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 730 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   a30b3bd..2e7f973  ds82-local -> Directory_Server_8_2_Branch

Comment 11 Jenny Severance 2010-06-07 18:47:10 UTC
verified - RHEL 4 - modrdn operation logged.

version:
redhat-ds-base-8.2.0-2010060704.el4dsrv


[07/Jun/2010:14:41:51 -0400] conn=2 fd=64 slot=64 connection from 10.16.98.157 to 10.16.98.157
[07/Jun/2010:14:41:51 -0400] conn=2 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[07/Jun/2010:14:41:51 -0400] conn=2 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[07/Jun/2010:14:41:51 -0400] conn=2 op=1 MODRDN dn="uid=TVradmin0,ou=Accounting,dc=example,dc=com" newrdn="uid=CoolAdmin" newsuperior="(null)"
[07/Jun/2010:14:41:51 -0400] conn=2 op=1 RESULT err=0 tag=109 nentries=0 etime=0
[07/Jun/2010:14:41:51 -0400] conn=2 op=2 UNBIND
[07/Jun/2010:14:41:51 -0400] conn=2 op=2 fd=64 closed - U1

and successful 


# ldapsearch -x -h `hostname` -p 389 -D "cn=Directory Manager" -w Secret123 -b "uid=CoolAdmin,ou=Accounting,dc=example,dc=com" dn uid
# extended LDIF
#
# LDAPv3
# base <uid=CoolAdmin,ou=Accounting,dc=example,dc=com> with scope sub
# filter: (objectclass=*)
# requesting: dn uid 
#

# CoolAdmin, Accounting, example.com
dn: uid=CoolAdmin,ou=Accounting,dc=example,dc=com
uid: TVradmin0
uid: CoolAdmin

# search result
search: 2
result: 0 Success

# numResponses: 2


Note You need to log in before you can comment on or make changes to this bug.