Red Hat Bugzilla – Bug 982325
Overflow in nsslapd-disk-monitoring-threshold
Last modified: 2013-11-21 16:10:27 EST
Description of problem: When nsslapd-disk-monitoring-threshold is set too high, it overflows to negative numbers. Version-Release number of selected component (if applicable): 389-ds-base-1.2.11.15-16.el6_4.x86_64 How reproducible: always Steps to Reproduce: 1. ldapmodify -h localhost -p 389 -D "cn=directory manager" -w Secret123 <<EOF dn: cn=config changetype: modify replace: nsslapd-disk-monitoring-threshold nsslapd-disk-monitoring-threshold: 3000000000 EOF 2. ldapsearch -h localhost -p 22139 -D "cn=directory manager" -w Secret123 -b "cn=config" -LLL -s base nsslapd-disk-monitoring-threshold dn: cn=config nsslapd-disk-monitoring-threshold: -1294967296 Actual results: nsslapd-disk-monitoring-threshold is set to -1294967296 instead of 3000000000 Expected results: Value should be refused if too high. Additional info:
Upstream ticket: https://fedorahosted.org/389/ticket/47427
Additionally, please consider changing the upper bound in returned error message: ldapmodify -h localhost -p 22139 -D "cn=directory manager" -w Secret123 <<EOF dn: cn=config changetype: modify replace: nsslapd-disk-monitoring-threshold nsslapd-disk-monitoring-threshold: -2 EOF modifying entry "cn=config" ldap_modify: Operations error (1) additional info: nsslapd-disk-monitoring-threshold: "-2" is invalid, threshold must be greater than 2048 and less then -1
[jrusnack@dstet 6.0]$ ldapmodify -h localhost -p 19741 -D "cn=directory manager" -w Secret123 <<EOF dn: cn=config changetype: modify replace: nsslapd-disk-monitoring-threshold nsslapd-disk-monitoring-threshold: -2 EOF modifying entry "cn=config" [jrusnack@dstet 6.0]$ ldapsearch -h localhost -p 19741 -D "cn=directory manager" -w Secret123 -b "cn=config" -s base -LLL nsslapd-disk-monitoring-threshold dn: cn=config nsslapd-disk-monitoring-threshold: -2 [jrusnack@dstet 6.0]$ rpm -qa | grep 389 389-ds-base-debuginfo-1.2.11.15-18.el6_4.x86_64 389-ds-base-libs-1.2.11.15-18.el6_4.x86_64 389-ds-base-1.2.11.15-18.el6_4.x86_64 Negative values should be refused - see comment #3. Another unrelated minor issue: "Available disk space is now acceptable (0 bytes). Aborting shutdown, and restoring the log settings." The error message from log, that notifies about abort of shutdown, should probably contain information about free space, instead of '0 bytes'.
Verified on 389-ds-base-1.2.11.15-22.el6.x86_64: Trying to set nsslapd-disk-monitoring-threshold to -2 ldap_modify: Operations error ldap_modify: additional info: nsslapd-disk-monitoring-threshold: "-2" is invalid, threshold must be greater than 4096 and less then 9223372036854775807 modifying entry cn=config tp14: expect=1 actual=1 PASS Trying to set nsslapd-disk-monitoring-threshold to 9223372036854775808 ldap_modify: Operations error ldap_modify: additional info: nsslapd-disk-monitoring-threshold: "9223372036854775808" is invalid, threshold must be greater than 4096 and less then 9223372036854775807 modifying entry cn=config tp14: expect=1 actual=1 PASS Trying to set nsslapd-disk-monitoring-threshold to 2047 ldap_modify: Operations error ldap_modify: additional info: nsslapd-disk-monitoring-threshold: "2047" is invalid, threshold must be greater than 4096 and less then 9223372036854775807 modifying entry cn=config tp14: expect=1 actual=1 PASS Trying to set nsslapd-disk-monitoring-threshold to 0 ldap_modify: Operations error ldap_modify: additional info: nsslapd-disk-monitoring-threshold: "0" is invalid, threshold must be greater than 4096 and less then 9223372036854775807 modifying entry cn=config tp14: expect=1 actual=1 PASS Trying to set nsslapd-disk-monitoring-threshold to -1 294 967 296 ldap_modify: Operations error ldap_modify: additional info: nsslapd-disk-monitoring-threshold: "-1294967296" is invalid, threshold must be greater than 4096 and less then 9223372036854775807 modifying entry cn=config tp14: expect=1 actual=1 PASS Trying to set nsslapd-disk-monitoring-threshold to "invalid" ldap_modify: Operations error ldap_modify: additional info: nsslapd-disk-monitoring-threshold: "invalid" is invalid, threshold must be greater than 4096 and less then 9223372036854775807 modifying entry cn=config tp14: expect=1 actual=1 PASS Trying to delete nsslapd-disk-monitoring-threshold ldap_modify: DSA is unwilling to perform ldap_modify: additional info: Deleting attributes is not allowed modifying entry cn=config tp14: expect=53 actual=53 PASS
Not working on latest 389-ds-base-1.2.11.15-23 : [jrusnack@dstet ~]$ ldapsearch -D "cn=directory manager" -w Secret123 -b "cn=config" -LLL nsslapd-disk-monitoring-threshold -s base dn: cn=config nsslapd-disk-monitoring-threshold: 2097152 [jrusnack@dstet ~]$ ldapmodify -D "cn=directory manager" -w Secret123 <<EOF dn: cn=config changetype: modify replace: nsslapd-disk-monitoring-threshold nsslapd-disk-monitoring-threshold: 3000000000 EOF modifying entry "cn=config" [jrusnack@dstet ~]$ ldapsearch -D "cn=directory manager" -w Secret123 -b "cn=config" -LLL nsslapd-disk-monitoring-threshold -s base dn: cn=config nsslapd-disk-monitoring-threshold: -1294967296 [jrusnack@dstet ~]$ rpm -qa | grep 389-ds-base 389-ds-base-1.2.11.15-23.el6.x86_64 389-ds-base-libs-1.2.11.15-23.el6.x86_64
Verified on 389-ds-base-1.2.11.15-24. All tests in disk monitoring suite are passing.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1653.html