Bug 583652 - Console caches magic numbers instead of DNA-generated values
Summary: Console caches magic numbers instead of DNA-generated values
Status: CLOSED CURRENTRELEASE
Alias: None
Product: 389
Classification: Retired
Component: Directory Console   
(Show other bugs)
Version: 1.2.5
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
Assignee: Nathan Kinder
QA Contact: Viktor Ashirov
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 434915
TreeView+ depends on / blocked
 
Reported: 2010-04-19 10:29 UTC by dan
Modified: 2015-12-07 16:58 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-12-07 16:58:32 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch (1.16 KB, patch)
2011-02-07 19:32 UTC, Nathan Kinder
nhosoi: review+
Details | Diff

Description dan 2010-04-19 10:29:43 UTC
User-Agent:       Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/533.2 (KHTML, like Gecko) Chrome/5.0.342.9 Safari/533.2

As per :
http://lists.fedoraproject.org/pipermail/389-users/2010-April/011425.html

With the DNA plug-in activated and configured, it is possible to create user entries with automagically-generated values by entering a pre-defined « magic number » in the appropriate fields (uid and gid, commonly).  However, once the user has been created, if you open the user entry in the console directly after creating it, the magic number will be listed instead of the actual value(s).

Completely re-starting the console fixes this behaviour, thus i am lead to believe it is a caching issue.  It is not a particularly severe bug, but there it is...

Reproducible: Always

Steps to Reproduce:
1. Activate and configure DNA plug-in
2. Create user in console using magic number
3. Open user entry in console
Actual Results:  
Magic number is shown instead of actual value.

Expected Results:  
Actual value is shown instead of magic number.

Comment 3 Nathan Kinder 2011-02-04 22:38:11 UTC
I ran some tests using the following packages on F14:

389-adminutil-devel-1.1.13-1.fc14.x86_64
389-admin-1.1.14-1.fc14.x86_64
389-console-1.1.4-1.fc14.noarch
389-ds-console-1.2.3-1.fc14.noarch
389-admin-console-1.1.5-1.fc14.noarch
389-ds-base-1.2.8-0.1.a1.fc14.x86_64
389-adminutil-1.1.13-1.fc14.x86_64

After running setup-ds-admin.pl, I stopped my 389-ds instance and added the following DNA configuration entry:

dn: cn=uids,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
objectClass: top
objectClass: extensibleObject
cn: uids
dnatype: uidNumber
dnamaxvalue: 10000
dnamagicregen: 0
dnafilter: (objectclass=posixAccount)
dnascope: dc=example,dc=com
dnanextvalue: 500

After restarting my 389-ds instance, I logged into Console as "cn=directory manager" and performed the following steps:

- Open the Directory Server instance.
- Select the "Directory" tab.
- Right click on the "dc=example,dc=com" node and choose "New->User"
- Fill in the "First Name", "Last Name", "Common Name", and "User ID" fields under the "User" tab on the left.
- Select the "Posix User" tab on the left.
- Check the "Enable Posix User Attributes" checkbox.
- Fill in the "UID Number" field with a value of "0".
- Fill in the "GID Number" and "Home Directory" fields.
- Click OK.

At this point a dialog is raised stating that a UID Number of "0" is for privileged users only.  I select "Yes" to go ahead and use the value.  The user is then created.  If you open the user entry up and choose the "Posix User" tab on the left, the "UID Number value is "500", which is the value assigned from DNA.

I also tried setting the DNA config to use a magic value other than 0 to avoid the warning dialog in Console, and the proper value is still displayed.  I even configured DNA to assign a value for the gidNumber attribute instead of the uidNumber attribute and the assigned value was still displayed.

If I create the entry using the "Users & Groups" tab in the main Console instead of using the "Directory" tab inside the the Directory Console, I am able to reproduce the issue.  It seems that "Users and Groups" simply needs to refresh an entry by searching for it after creation.

Comment 4 Nathan Kinder 2011-02-04 22:39:47 UTC
One other thing to note is that you can click on the "Search" button to find the entry just after creating it to refresh the values.  If this is done, the generated values are displayed for the recently created entry.

Comment 5 Nathan Kinder 2011-02-07 19:32:21 UTC
Created attachment 477488 [details]
Patch

This patch simply refreshes a newly added/modified entry from the DS in the "Users and Groups" tab in Console.

Comment 6 Nathan Kinder 2011-02-07 19:50:21 UTC
Checked into HEAD.  Thanks to Noriko for her review!

Checking in src/com/netscape/management/client/ug/ResourcePageObservable.java;
/cvs/dirsec/console/src/com/netscape/management/client/ug/ResourcePageObservable.java,v  <--  ResourcePageObservable.java
new revision: 1.3; previous revision: 1.2
done

Comment 7 Amita Sharma 2011-07-18 10:16:52 UTC
I followed the steps from comment#3..

If I create the entry using the "Users & Groups" tab in the main Console
instead of using the "Directory" tab inside the the Directory Console, I am
able to reproduce the issue.  It seems that "Users and Groups" simply needs to
refresh an entry by searching for it after creation. --

dn: cn=uids,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
objectClass: top
objectClass: extensibleObject
cn: uids
dnatype: uidNumber
dnamaxvalue: 10000
dnamagicregen: 0
dnafilter: (objectclass=posixAccount)
dnascope: dc=pnq,dc=redhat,dc=com
dnanextvalue: 500

It displayed : uidnumber=0 (is that fine)?

also I observed one thing which is odd :
==============================================
The warning screen : At this point a dialogue is raised stating that a UID Number of "0" is for privileged users only.  I select "Yes" to go ahead .. again it popped up.. everytime It is coming twice, be it the "Users & Groups" tab in the main Console Or from "Directory" tab.

Please guide?

Comment 8 Nathan Kinder 2011-07-18 15:29:22 UTC
(In reply to comment #7)
> It displayed : uidnumber=0 (is that fine)?
> 

Did you set nsslapd-pluginEnabled to "on" for the DNA plug-in?  The reproduction steps comment#3 did not mention this, but the plug-in needs to be enabled.

> also I observed one thing which is odd :
> ==============================================
> The warning screen : At this point a dialogue is raised stating that a UID
> Number of "0" is for privileged users only.  I select "Yes" to go ahead ..
> again it popped up.. everytime It is coming twice, be it the "Users & Groups"
> tab in the main Console Or from "Directory" tab.
> 
> Please guide?

This warning is fine.  Console has no way of knowing if DNA is being used, and you usually do not want to set someone's uidNumber to 0.

Comment 9 Amita Sharma 2011-07-19 06:18:23 UTC
ahhh .. how can I miss that :)
yeah it is working fine now. giving 0 for uid and getting 501, 502 ....

Hence marking as VERIFIED.


Note You need to log in before you can comment on or make changes to this bug.