RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 808042 - "host group not found" error message is displayed while removing a member host from the hostgroup with huge members.
Summary: "host group not found" error message is displayed while removing a member hos...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ipa
Version: 6.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Rob Crittenden
QA Contact: IDM QE LIST
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-03-29 12:15 UTC by Gowrishankar Rajaiyan
Modified: 2012-06-20 13:26 UTC (History)
4 users (show)

Fixed In Version: ipa-2.2.0-10.el6
Doc Type: Bug Fix
Doc Text:
No documentation needed.
Clone Of:
Environment:
Last Closed: 2012-06-20 13:26:06 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2012:0819 0 normal SHIPPED_LIVE ipa bug fix and enhancement update 2012-06-19 20:34:17 UTC

Description Gowrishankar Rajaiyan 2012-03-29 12:15:58 UTC 
Description of problem:


Version-Release number of selected component (if applicable):
ipa-server-2.2.0-7.el6.x86_64

How reproducible:


Steps to Reproduce:
1. Create hostgroup
2. Add more than 2000 members to this hostgroup
3. Try removing a member. 
  
Actual results: See the following error message every other time while removing a member.

"ipa: ERROR: hostgroup772150: host group not found"

Expected results:
Member should be removed successfully. 

Additional info:
[root@primenova ~]# ipa -d hostgroup-remove-member hostgroup772150 --hosts=host816.lab.eng.pnq.redhat.com
...
ipa: DEBUG: approved_usage = SSLServer intended_usage = SSLServer
ipa: DEBUG: cert valid True for "CN=primenova.lab.eng.pnq.redhat.com,O=LAB.ENG.PNQ.REDHAT.COM"
ipa: DEBUG: handshake complete, peer = 10.65.201.100:443
ipa: DEBUG: Created connection context.xmlclient
ipa: DEBUG: raw: hostgroup_remove_member(u'hostgroup772150', all=False, raw=False, version=u'2.32', host=(u'host816.lab.eng.pnq.redhat.com',))
ipa: DEBUG: hostgroup_remove_member(u'hostgroup772150', all=False, raw=False, version=u'2.32', host=(u'host816.lab.eng.pnq.redhat.com',))
ipa: INFO: Forwarding 'hostgroup_remove_member' to server u'http://primenova.lab.eng.pnq.redhat.com/ipa/xml'
ipa: DEBUG: NSSConnection init primenova.lab.eng.pnq.redhat.com
ipa: DEBUG: connect_socket_family: host=primenova.lab.eng.pnq.redhat.com port=443 family=PR_AF_INET
ipa: DEBUG: connecting: 10.65.201.100:443
ipa: DEBUG: handshake complete, peer = 10.65.201.100:443
ipa: DEBUG: Caught fault 4001 from server http://primenova.lab.eng.pnq.redhat.com/ipa/xml: hostgroup772150: host group not found
ipa: DEBUG: Destroyed connection context.xmlclient
ipa: ERROR: hostgroup772150: host group not found
[root@primenova ~]# 



Script used to populate data:

#!/bin/bash

domain="lab.eng.pnq.redhat.com"

ipa sudocmd-add "/bin/ls"
ipa sudocmd-add "/bin/rm"
ipa hostgroup-add hostgroup772150 --desc="hostgroup772150"

for j in {1..253}; do
   for i in {1..253}; do
      echo Secret123 | kinit admin
      ipa dnsrecord-add $domain host$j$i --a-rec=1.1.$j.$i

      ipa user-add user$j$i --first=user$j$i --last=user$j$i

      ipa host-add host$j$i.$domain
      ipa hostgroup-add hostgrp$j$i --desc="hostgrp$j$i"
      ipa hostgroup-add-member hostgrp$j$i --hosts=host$j$i.$domain
      ipa hostgroup-add-member hostgroup772150 --hosts=host$j$i.$domain

      ipa hbacrule-add hbacrulehost$j$i
      ipa hbacrule-add-user hbacrulehost$j$i --users=user$j$i
      ipa hbacrule-add-service hbacrulehost$j$i --hbacsvcs=sshd
      ipa hbacrule-add-sourcehost hbacrulehost$j$i --hostgroups=hostgrp$j$i
      ipa hbacrule-add-host hbacrulehost$j$i --hostgroups=hostgrp$j$i

      ipa sudorule-add sudorulehost$j$i --desc="sudorulehost$j$i"
      ipa sudorule-add-user sudorulehost$j$i --users=user$j$i
      ipa sudorule-add-host sudorulehost$j$i --hosts=host$j$i.$domain
      ipa sudorule-add-host sudorulehost$j$i --hostgroups=hostgrp$j$i
      ipa sudorule-add-allow-command sudorulehost$j$i --sudocmds="/bin/ls"
      ipa sudorule-add-deny-command sudorulehost$j$i --sudocmds="/bin/rm"

      done
done
Comment 2 Dmitri Pal 2012-04-03 16:32:13 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2606
Comment 4 Rob Crittenden 2012-04-17 20:33:38 UTC 
Fixed upstream. Detect when the results have been truncated when trying to retrieve a single entry and raise a Limits error instead of Not Found.

master: a663e83cb2717ac4cf831261c93c1582f562a07f

ipa-2-2: 4a48efe636c0036334d4d3afadc933b0408de0f0
Comment 9 Martin Kosek 2012-04-25 11:06:44 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
No documentation needed.
Comment 10 Jenny Severance 2012-05-22 13:10:46 UTC 
results ::

ipa hostgroup-find --hosts=host18108.testrelm.com | grep hostgroup772150
  Host-group: hostgroup772150
  Description: hostgroup772150


# ipa hostgroup-remove-member --hosts=host18108.testrelm.com hostgroup772150 
ipa: ERROR: limits exceeded for this query


however the host is removed from the hostgroup

# ipa hostgroup-find --hosts=host18108.testrelm.com | grep hostgroup772150
#


expected success on removing the member an not an ipa ERROR
Comment 11 Rob Crittenden 2012-05-22 14:10:35 UTC 
This is a perfectly legitimate error. The operation took too long which is why it failed. If this happens the user will need to either specify --timelimit=XX or increase the default searchtimelimit in the configuration.
Comment 12 Jenny Severance 2012-05-22 14:13:11 UTC 
(In reply to comment #11)
> This is a perfectly legitimate error. The operation took too long which is
> why it failed. If this happens the user will need to either specify
> --timelimit=XX or increase the default searchtimelimit in the configuration.

ahhh okay .. marking bug verified :)

version :
ipa-2.2.0-14.el6
Comment 14 errata-xmlrpc 2012-06-20 13:26:06 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0819.html
Note You need to log in before you can comment on or make changes to this bug.