Bug 876694 - RedHat Directory Server crashes (segfaults) when moving ldap entry
RedHat Directory Server crashes (segfaults) when moving ldap entry
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: 389-ds-base (Show other bugs)
6.3
Unspecified Unspecified
urgent Severity urgent
: rc
: ---
Assigned To: Rich Megginson
Sankar Ramalingam
: ZStream
Depends On:
Blocks: 881827 901534
  Show dependency treegraph
 
Reported: 2012-11-14 13:04 EST by Rich Megginson
Modified: 2013-06-24 06:51 EDT (History)
5 users (show)

See Also:
Fixed In Version: 389-ds-base-1.2.11.15-4.el6
Doc Type: Bug Fix
Doc Text:
Cause: The code to check if the new superior entry exists or not was returning the "No such object" error only when the op was requested by the directory manager. Consequence: If an ordinary (non-root) user tries to use the modrdn operation to move an entry to a non-existing parent, it crashes the server Fix: This patch is removing the operator condition so that whoever the requester is, it returns the "No such object" error. Result: Modrdn to the non-existing parent successfully fails for any users.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-21 03:21:33 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Rich Megginson 2012-11-14 13:04:09 EST
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Rich Megginson 2012-11-14 13:05:40 EST
Upstream ticket:
https://fedorahosted.org/389/ticket/520
Comment 4 Noriko Hosoi 2012-11-16 19:48:58 EST
Steps to verify:
1. create a user: e.g., uid=tuser0,dc=example,dc=com with a userpassword: tuser0
2. give the all permission to the user.
3. ldapmodify ... -D 'uid=tuser0,dc=example,dc=com -w tuser0 << EOF
   dn: uid=tuser0,dc=example,dc=com
   changetype: modrdn
   newrdn: uid=tuser0
   deleteoldrdn: 1
   newsuperior: ou=bogus,dc=example,dc=com
   EOF
   where ou=bogus,dc=example,dc=com does not exist.
   If the operation successfully fails with "No such object" error, the bug is verified.
Comment 5 Milan Kubík 2012-11-26 10:53:27 EST
1. add user

$ /usr/lib64/mozldap/ldapsearch -b "ou=people,dc=brq,dc=redhat,dc=com" uid=tuser02 dn 
version: 1
dn: uid=tuser02,ou=People,dc=brq,dc=redhat,dc=com

2. grant user administrator permissions

$ /usr/lib64/mozldap/ldapsearch -D "cn=directory manager" -w Secret123 -b "dc=brq,dc=redhat,dc=com" cn="directory administrators" uniqueMember
version: 1
dn: cn=Directory Administrators,dc=brq,dc=redhat,dc=com
uniqueMember: cn=Directory Manager
uniqueMember: uid=tuser02,ou=people,dc=brq,dc=redhat,dc=com

3. Attempt to modify entry

$ /usr/lib64/mozldap/ldapmodify -D "uid=tuser02,ou=people,dc=bre,dc=redhat,dc=com" -w Secret123 -a -f modentry.ldif 
ldap_simple_bind: No such object

$ echo $?
32

$ cat modentry.ldif
dn: uid=tuser02,ou=people,dc=brq,dc=redhat,dc=com
changetype: modrdn
newrdn: uid=tuser0
deleteoldrdn: 1
newsuperior: ou=bogus,dc=brq,dc=redhat,dc=com

$ rpm -qa | grep 389
389-ds-base-1.2.11.15-4.el6.x86_64
Comment 6 Milan Kubík 2012-11-27 06:28:49 EST
typo in step 3.

$ /usr/lib64/mozldap/ldapmodify -D "uid=tuser02,ou=people,dc=brq,dc=redhat,dc=com" -w Secret123 -a -f modentry.ldif 
modifying RDN of entry uid=tuser02,ou=people,dc=brq,dc=redhat,dc=com and/or moving it beneath a new parent

ldap_rename: No such object
ldap_rename: matched: dc=brq,dc=redhat,dc=com

Result remaining: VERIFIED
Comment 9 errata-xmlrpc 2013-02-21 03:21:33 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0503.html
Comment 10 Milan Kubík 2013-06-24 06:51:36 EDT
Covered in subtreeRenames suite

Note You need to log in before you can comment on or make changes to this bug.