Re: (ITS#5355) back-meta calls back-ldap directly
by vorlon@debian.org
On Sun, Jun 29, 2008 at 05:23:57PM -0700, Howard Chu wrote:
> Steve Langasek wrote:
>> Is the correct fix to add
>> this function to the ldap_extra_t struct, as in the attached patch?
> Pretty much. There are a few other functions that need to be added as
> well. All of them are provided in current CVS HEAD, just grab the
> relevant changes from there.
Ok. With the patch from CVS HEAD applied, I'm seeing a segfault in make
test (specifically, the meta backend test):
>>>>> Starting test035-meta ...
running defines.sh
Starting slapd on TCP/IP port 9011...
Using ldapsearch to check that slapd is running...
Using ldapadd to populate the database...
Starting slapd on TCP/IP port 9012...
Using ldapsearch to check that slapd is running...
Using ldapadd to populate the database...
Starting slapd on TCP/IP port 9013...
/home/devel/openldap/build-area/openldap2.3-2.4.10/tests/scripts/test035-meta: line 118: 22990 Segmentation fault $SLAPD -f $CONF3 -h $URI3 -d $LVL /$TIMING > $LOG3 2>&1
Are you seeing this as well, or is this somehow specific to Debian? (It
doesn't seem like it should be related to libltdl in any way, and we don't
have any other patches that touch the meta backend; and I saw this segfault
both with the version of the patch I sent, and the one extracted from CVS.)
Unfortunately, running these tests under gdb seems to be pretty awkward. :/
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek(a)ubuntu.com vorlon(a)debian.org
15 years, 2 months
(ITS#5584)
by abartlet@samba.org
--=-GddVbqVLc61XV3X/kWQ/
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
I've uploaded the patch to http://abartlet.net/memberof.patch
--=20
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
--=-GddVbqVLc61XV3X/kWQ/
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQBIaD8sz4A8Wyi0NrsRAjTZAJ4mQaT1xP5zbZG4Db0UM1BbzfmDYACePtXf
MCnHmzCUac6KL/WbRX7aSxE=
=2c9m
-----END PGP SIGNATURE-----
--=-GddVbqVLc61XV3X/kWQ/--
15 years, 2 months
[PATCH] (ITS#5584)
by abartlet@samba.org
--=-AN4G/3lLejTAf6KGBTk7
Content-Type: multipart/mixed; boundary="=-NvwPd4A703Oz/HjyG5IJ"
--=-NvwPd4A703Oz/HjyG5IJ
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
I think I've figured out the right way to fix this, handling modify with
0 replacement elements just like a delete.
See attached.=20
--=20
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
--=-NvwPd4A703Oz/HjyG5IJ
Content-Disposition: attachment; filename=memberof.patch
Content-Type: text/x-patch; name=memberof.patch; charset=UTF-8
Content-Transfer-Encoding: base64
SW5kZXg6IHNlcnZlcnMvc2xhcGQvb3ZlcmxheXMvbWVtYmVyb2YuYw0KPT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQ0KUkNT
IGZpbGU6IC9yZXBvL09wZW5MREFQL3BrZy9sZGFwL3NlcnZlcnMvc2xhcGQvb3ZlcmxheXMvbWVt
YmVyb2YuYyx2DQpyZXRyaWV2aW5nIHJldmlzaW9uIDEuMTkNCmRpZmYgLXUgLXIxLjE5IG1lbWJl
cm9mLmMNCi0tLSBzZXJ2ZXJzL3NsYXBkL292ZXJsYXlzL21lbWJlcm9mLmMJMTEgSmFuIDIwMDgg
MDU6MDc6NDMgLTAwMDAJMS4xOQ0KKysrIHNlcnZlcnMvc2xhcGQvb3ZlcmxheXMvbWVtYmVyb2Yu
YwkzMCBKdW4gMjAwOCAwMToyODoxMiAtMDAwMA0KQEAgLTg0MywxMSArODQzLDE3IEBADQogCQkJ
CQlicmVhazsNCiAJCQ0KIAkJCQljYXNlIExEQVBfTU9EX1JFUExBQ0U6DQorCQkJCQkvKiBIYW5k
bGUgdGhpcyBqdXN0IGxpa2UgYSBkZWxldGUgKHNlZSBhYm92ZSkgKi8NCisJCQkJCWlmICggbWwt
PnNtbF9udmFsdWVzID09IE5VTEwgKSB7DQorCQkJCQkJbWxwID0gJm1sLT5zbWxfbmV4dDsNCisJ
CQkJCQlicmVhazsNCisJCQkJCX0NCisNCiAJCQkJY2FzZSBMREFQX01PRF9BREQ6DQogCQkJCQkv
KiBOT1RFOiByaWdodCBub3csIHRoZSBhdHRyaWJ1dGVUeXBlIHdlIHVzZQ0KIAkJCQkJICogZm9y
IG1lbWJlciBtdXN0IGhhdmUgYSBub3JtYWxpemVkIHZhbHVlICovDQogCQkJCQlhc3NlcnQoIG1s
LT5zbWxfbnZhbHVlcyAhPSBOVUxMICk7DQotCQkNCisNCiAJCQkJCWZvciAoIGkgPSAwOyAhQkVS
X0JWSVNOVUxMKCAmbWwtPnNtbF9udmFsdWVzWyBpIF0gKTsgaSsrICkgew0KIAkJCQkJCWludAkJ
cmM7DQogCQkJCQkJRW50cnkJCSplOw0KQEAgLTEzNjIsNyArMTM2OCw3IEBADQogCQkJCQliZXJf
YnZhcnJheV9mcmVlX3goIHZhbHMsIG9wLT5vX3RtcG1lbWN0eCApOw0KIAkJCQl9DQogCQ0KLQkJ
CQlpZiAoIG1sLT5zbWxfb3AgPT0gTERBUF9NT0RfREVMRVRFICkgew0KKwkJCQlpZiAoIG1sLT5z
bWxfb3AgPT0gTERBUF9NT0RfREVMRVRFIHx8IG1sLT5zbWxfbnZhbHVlcyA9PSBOVUxMKSB7DQog
CQkJCQlicmVhazsNCiAJCQkJfQ0KIAkJCQkvKiBmYWxsIHRocnUgKi8NCg==
--=-NvwPd4A703Oz/HjyG5IJ--
--=-AN4G/3lLejTAf6KGBTk7
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQBIaDb3z4A8Wyi0NrsRAqd2AJ9pvfUj4jqL8HyFCfMh3zE47IfNwwCfTXOo
/lvXcMQzo0XgFPVqe8W/h1c=
=ssFN
-----END PGP SIGNATURE-----
--=-AN4G/3lLejTAf6KGBTk7--
15 years, 2 months
(ITS#5584) memberof and modify: replace with 0 new entries
by abartlet@samba.org
Full_Name: Andrew Bartlett
Version: CVS HEAD
OS: Fedora 9
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (59.167.251.137)
The memberOf plugin asserts if I attempt a modify like:
(snippet from our python test script, using ldb, but I hope you get the idea)
ldb.modify_ldif("""
dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
changetype: modify
replace: member
""")
slapd: memberof.c:849: memberof_op_modify: Assertion `ml->sml_mod.sm_nvalues !=
((void *)0)' failed.
I think this just needs to be handled like the delete case, which our tests
already show pass correctly.
15 years, 2 months
Re: (ITS#5395) Patch for test system
by abartlet@samba.org
--=-9ss+Mrcd1KUNsVlI3qDP
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Thu, 2008-02-28 at 10:15 +0100, Pierangelo Masarati wrote:
> Andrew Bartlett wrote:
> > On Thu, 2008-02-28 at 10:02 +0100, Pierangelo Masarati wrote:
> >> abartlet(a)samba.org wrote:
> >>> Full_Name: Andrew Bartlett
> >>> Version: CVS HEAD
> >>> OS: Fedora 8
> >>> URL: http://abartlet.net/patches/memberof-refint.patch
> >>> Submission from: (NULL) (59.167.251.137)
> >>>
> >>>
> >>> I've added a patch to show that refint and memberof work together.
> >> Your patch seems to be missing some (trivial) modification to
> >> tests/scripts/define.sh (the MEMBEROFREFINTOUT env var).
>=20
> Thanks. In the meanwhile I figured it out (easy enough ;), and it seems
> to work fine. I'm going to commit it, unless there's any IPR issue
> (which I'd delegate to Howard or Kurt).
Is there anything more that needs to be done here?
If you need an IPR note, then please consider the modifications in this
contribution licensed:
Copyright 2008 Red Hat Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted only as authorized by the OpenLDAP Public
License.
--=20
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
--=-9ss+Mrcd1KUNsVlI3qDP
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQBIaCZTz4A8Wyi0NrsRApQeAJ9iWFzB1Fp+5nsSZqDZg6HsB6WPWgCeLAkl
dObIvmosUhr/R2Ju2KqIEuM=
=RGa/
-----END PGP SIGNATURE-----
--=-9ss+Mrcd1KUNsVlI3qDP--
15 years, 2 months
Re: (ITS#5355) back-meta calls back-ldap directly
by vorlon@debian.org
--BI5RvnYi6R4T2M87
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
On Sun, Jun 29, 2008 at 11:49:37AM -0700, Howard Chu wrote:
> vorlon(a)debian.org wrote:
>> This bug is marked as fixed in 2.4.8, but I still see the same problem in
>> the test suite in 2.4.10. Trying to start slapd with back-meta gives:
>> /home/devel/openldap/build-area/openldap2.3-2.4.10/debian/build/servers/slapd/.libs/lt-slapd: symbol lookup error: ../servers/slapd/back-meta/.libs/back_meta-2.4.so.2: undefined symbol: slap_idassert_parse_cf
>> Is this a regression since 2.4.8?
> Looks more like an incomplete fix. The functions in question haven't
> changed since 2006. Since we're not using a hacked libltdl the problem
> you're seeing doesn't show up here. I guess you should have tested this
> sooner...
Well, given that back_meta has been broken for an indeterminate period of
time on systems whose libltdl doesn't use the insane RTLD_GLOBAL option :),
the Debian userbase for that backend is roughly nonexistent which means
verifying the fix was not a high priority (except that I would like to be
able to turn on 'make test' during our builds). Is the correct fix to add
this function to the ldap_extra_t struct, as in the attached patch?
Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek(a)ubuntu.com vorlon(a)debian.org
--BI5RvnYi6R4T2M87
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=no_backend_inter-linking
Index: trunk/servers/slapd/back-ldap/back-ldap.h
===================================================================
--- trunk.orig/servers/slapd/back-ldap/back-ldap.h
+++ trunk/servers/slapd/back-ldap/back-ldap.h
@@ -428,6 +428,8 @@
int (*proxy_authz_ctrl)( Operation *op, SlapReply *rs, struct berval *bound_ndn,
int version, slap_idassert_t *si, LDAPControl *ctrl );
int (*controls_free)( Operation *op, SlapReply *rs, LDAPControl ***pctrls );
+ int (*idassert_parse_cf)( const char *fname, int lineno, int argc,
+ char *argv[], slap_idassert_t *si );
} ldap_extra_t;
LDAP_END_DECL
Index: trunk/servers/slapd/back-meta/config.c
===================================================================
--- trunk.orig/servers/slapd/back-meta/config.c
+++ trunk/servers/slapd/back-meta/config.c
@@ -1089,7 +1089,7 @@
}
cargv[ 2 ] = binddn;
- rc = slap_idassert_parse_cf( fname, lineno, cargc, cargv, &mi->mi_targets[ mi->mi_ntargets - 1 ]->mt_idassert );
+ rc = mi->mi_ldap_extra->idassert_parse_cf( fname, lineno, cargc, cargv, &mi->mi_targets[ mi->mi_ntargets - 1 ]->mt_idassert );
if ( rc == 0 ) {
struct berval bv;
@@ -1159,7 +1159,7 @@
return 1;
}
- return slap_idassert_parse_cf( fname, lineno, argc, argv, &mi->mi_targets[ mi->mi_ntargets - 1 ]->mt_idassert );
+ return mi->mi_ldap_extra->idassert_parse_cf( fname, lineno, argc, argv, &mi->mi_targets[ mi->mi_ntargets - 1 ]->mt_idassert );
/* idassert-authzFrom */
} else if ( strcasecmp( argv[ 0 ], "idassert-authzFrom" ) == 0 ) {
Index: trunk/servers/slapd/back-ldap/init.c
===================================================================
--- trunk.orig/servers/slapd/back-ldap/init.c
+++ trunk/servers/slapd/back-ldap/init.c
@@ -34,7 +34,8 @@
static const ldap_extra_t ldap_extra = {
ldap_back_proxy_authz_ctrl,
- ldap_back_controls_free
+ ldap_back_controls_free,
+ slap_idassert_parse_cf
};
int
--BI5RvnYi6R4T2M87--
15 years, 2 months
Re: (ITS#5583) slapadd core dumps
by dieter@dkluenter.de
Pierangelo Masarati <ando(a)sys-net.it> writes:
> Dieter Kluenter wrote:
>> Pierangelo Masarati <ando(a)sys-net.it> writes:
>>
>>> dieter(a)dkluenter.de wrote:
>>>
>>>> Sorry, forgot it,
>>> Should be fixed in HEAD, please test. I infer you're using multiple
>>> instances of slapo-dynlist(5) in your slapd.conf, aren't you?
>> No, just one instance.
>
> Sounds odd, because the error was related to executing slapo-dynlist's
> db_open() function while the static vars holding the dgIdentity (and
> the dgAuthz) attrs being already initialized. Can you test the fix to
> overlays/dynlist.c 1.51->1.52? It is for HEAD, but should apply
> straightforwardly to 2.4.
I just compiled HEAD and slapadd added the ldif file as expected. But
a second error occured, test failed with test001, but I will check
this tomorrow, same as the dynlist patch.
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6
15 years, 2 months
Re: (ITS#5574) Attribute type 'auditContext' not available in subschema
by ando@sys-net.it
michael(a)stroeder.com wrote:
> Full_Name: Michael Ströder
> Version: RE24
> OS: OpenSUSE Linux 10.2
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (84.163.82.89)
>
>
> Please add attribute type 'auditContext' to subschema.
It is registered by slapo-accesslog(5). I can see it when
slapo-accesslog(5) is built.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: ando(a)sys-net.it
-----------------------------------
15 years, 2 months
Re: (ITS#5583) slapadd core dumps
by ando@sys-net.it
Dieter Kluenter wrote:
> Pierangelo Masarati <ando(a)sys-net.it> writes:
>
>> dieter(a)dkluenter.de wrote:
>>
>>> Sorry, forgot it,
>> Should be fixed in HEAD, please test. I infer you're using multiple
>> instances of slapo-dynlist(5) in your slapd.conf, aren't you?
>
> No, just one instance.
Sounds odd, because the error was related to executing slapo-dynlist's
db_open() function while the static vars holding the dgIdentity (and the
dgAuthz) attrs being already initialized. Can you test the fix to
overlays/dynlist.c 1.51->1.52? It is for HEAD, but should apply
straightforwardly to 2.4.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: ando(a)sys-net.it
-----------------------------------
15 years, 2 months
