Bug 797256
| Summary: | ipa netgroup-add-member --hosts should not allow invalid characters | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Scott Poore <spoore> |
| Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
| Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.3 | CC: | dpal, jgalipea, mkosek, syeghiay |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-2.2.0-6.el6 | Doc Type: | Bug Fix |
| Doc Text: |
No documentation needed.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-06-20 13:19:19 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Scott Poore
2012-02-24 17:15:25 UTC
Upstream ticket: https://fedorahosted.org/freeipa/ticket/2447 Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/5cfee2338d548035151926c5c235f3426fca0499 ipa-2-2: https://fedorahosted.org/freeipa/changeset/df0e73a5dbfb4ad09a74c930f4d7e6d0721e5c9b From a quick check, I can see that it appears fixed for the --hosts option but, should it be for --setattr/--addattr? Doesn't appear to be: # ipa netgroup-add test1 --desc=asdf ---------------------- Added netgroup "test1" ---------------------- Netgroup name: test1 Description: asdf NIS domain name: testrelm.com IPA unique ID: 9a65ec84-7ccf-11e1-9e50-525400a8d770 # ipa netgroup-mod test1 --setattr=externalhost=anotherbadhost? ------------------------- Modified netgroup "test1" ------------------------- Netgroup name: test1 Description: asdf NIS domain name: testrelm.com External host: anotherbadhost? # ipa netgroup-mod test1 --addattr=externalhost=anotherbadhost\!\@\#$\%\^\&\*\(\) ------------------------- Modified netgroup "test1" ------------------------- Netgroup name: test1 Description: asdf NIS domain name: testrelm.com External host: anotherbadhost?, anotherbadhost!@#$%^&*() setting bug back to assigned I'm not sure if this is related yet but, I'm also now seeing an internal error if --hosts= is empty or space:
# ipa netgroup-add netgroup1 --desc=netgroup1
--------------------------
Added netgroup "netgroup1"
--------------------------
Netgroup name: netgroup1
Description: netgroup1
NIS domain name: testrelm.com
IPA unique ID: c295bb74-7cd1-11e1-9dc4-525400a8d770
# ipa netgroup-add-member netgroup1 --hosts=
ipa: ERROR: an internal error has occurred
# ipa netgroup-add-member netgroup1 --hosts=""
ipa: ERROR: an internal error has occurred
# ipa netgroup-add-member netgroup1 --hosts=" "
ipa: ERROR: an internal error has occurred
Entry from /var/log/httpd/error_log:
[Mon Apr 02 09:40:32 2012] [error] ipa: ERROR: non-public: TypeError: 'NoneType' object is not iterable
[Mon Apr 02 09:40:32 2012] [error] Traceback (most recent call last):
[Mon Apr 02 09:40:32 2012] [error] File "/usr/lib/python2.6/site-packages/ipaserver/rpcserver.py", line 315, in wsgi_execute
[Mon Apr 02 09:40:32 2012] [error] result = self.Command[name](*args, **options)
[Mon Apr 02 09:40:32 2012] [error] File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 438, in __call__
[Mon Apr 02 09:40:32 2012] [error] ret = self.run(*args, **options)
[Mon Apr 02 09:40:32 2012] [error] File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 716, in run
[Mon Apr 02 09:40:32 2012] [error] return self.execute(*args, **options)
[Mon Apr 02 09:40:32 2012] [error] File "/usr/lib/python2.6/site-packages/ipalib/plugins/baseldap.py", line 1509, in execute
[Mon Apr 02 09:40:32 2012] [error] dn = callback(ldap, dn, member_dns, failed, *keys, **options)
[Mon Apr 02 09:40:32 2012] [error] File "/usr/lib/python2.6/site-packages/ipalib/plugins/netgroup.py", line 266, in pre_callback
[Mon Apr 02 09:40:32 2012] [error] return add_external_pre_callback('host', ldap, dn, keys, options)
[Mon Apr 02 09:40:32 2012] [error] File "/usr/lib/python2.6/site-packages/ipalib/plugins/baseldap.py", line 334, in add_external_pre_callback
[Mon Apr 02 09:40:32 2012] [error] for value in options[membertype]:
[Mon Apr 02 09:40:32 2012] [error] TypeError: 'NoneType' object is not iterable
[Mon Apr 02 09:40:32 2012] [error] ipa: INFO: admin: netgroup_add_member(u'netgroup1', all=False, raw=False, version=u'2.32', host=None): TypeError
That was with the 2.2.0-7 version. Good catch, I will reopen the upstream ticket. This case should be fixed. I have opened a separate bug to cover the setattr/addattr issue/question here. That can be handled there instead of here. That is bug 813325. There is still the question of the internal errors on empty --hosts= options. Empty hosts crash is fixed upstream: master: https://fedorahosted.org/freeipa/changeset/6f7224f252775c01e13c281a83e555b627834ffd ipa-2-2: https://fedorahosted.org/freeipa/changeset/dc0132addaf2a26daaf5f3b52dffdcb1502a9c03 Verified. Version :: ipa-server-2.2.0-10.el6.x86_64 Automated Test Results :: # netgroup_bz_797256 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: netgroup_bz_797256: ipa netgroup-add-member --hosts should not allow invalid characters :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ------------------------------------- Added netgroup "netgroup_bz_797256_1" ------------------------------------- Netgroup name: netgroup_bz_797256_1 Description: desc1 NIS domain name: testrelm.com IPA unique ID: 62eb79b6-8a78-11e1-a1bb-5254009625e8 :: [ PASS ] :: Running 'ipa netgroup-add netgroup_bz_797256_1 --desc=desc1' :: [ PASS ] :: Running 'ipa netgroup-add-member netgroup_bz_797256_1 --hosts=badhost? > /tmp/errormsg.out 2>&1' :: [ PASS ] :: BZ 797256 not found for ipa netgroup-add-member --hosts with ? --------------------------------------- Deleted netgroup "netgroup_bz_797256_1" --------------------------------------- :: [ PASS ] :: Running 'ipa netgroup-del netgroup_bz_797256_1' ------------------------------------- Added netgroup "netgroup_bz_797256_2" ------------------------------------- Netgroup name: netgroup_bz_797256_2 Description: desc2 NIS domain name: testrelm.com IPA unique ID: 69a5455c-8a78-11e1-819d-5254009625e8 :: [ PASS ] :: Running 'ipa netgroup-add netgroup_bz_797256_2 --desc=desc2' :: [ PASS ] :: Running 'ipa netgroup-add-member netgroup_bz_797256_2 --hosts=badhost\!\@\#$\%\^\&\*\(\) > /tmp/errormsg.out 2>&1' :: [ PASS ] :: BZ 797256 not found for ipa netgroup-add-member --hosts with other invalid characters --------------------------------------- Deleted netgroup "netgroup_bz_797256_2" --------------------------------------- :: [ PASS ] :: Running 'ipa netgroup-del netgroup_bz_797256_2' Manual Test Results :: # ipa netgroup-add test2 --desc=test2 ---------------------- Added netgroup "test2" ---------------------- Netgroup name: test2 Description: test2 NIS domain name: testrelm.com IPA unique ID: dd3d1f80-8a78-11e1-a25b-5254009625e8 # ipa netgroup-add-member test2 --hosts=badhost? ipa: ERROR: invalid 'host': only letters, numbers, _, and - are allowed. - must not be the DNS label character # ipa netgroup-add-member test2 --hosts=badhost\!\@\#$\%\^\&\*\(\) ipa: ERROR: invalid 'host': only letters, numbers, _, and - are allowed. - must not be the DNS label character # ipa netgroup-add-member test2 --hosts= Netgroup name: test2 Description: test2 NIS domain name: testrelm.com ------------------------- Number of members added 0 ------------------------- # ipa netgroup-add-member test2 --hosts="" Netgroup name: test2 Description: test2 NIS domain name: testrelm.com ------------------------- Number of members added 0 ------------------------- # ipa netgroup-add-member test2 --hosts=" " Netgroup name: test2 Description: test2 NIS domain name: testrelm.com ------------------------- Number of members added 0 -------------------------
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
No documentation needed.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0819.html |