https://bugs.openldap.org/show_bug.cgi?id=9747
Issue ID: 9747 Summary: dynlist overlay breaks member compare operation for groups Product: OpenLDAP Version: 2.5.8 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs@openldap.org Reporter: henson@acm.org Target Milestone: ---
Given the following group:
dn: uid=unxadmin,ou=group,dc=cpp,dc=edu objectClass: groupOfNames objectClass: cppGroup objectClass: posixGroup uid: unxadmin cn: Unix Administrators gidNumber: 17730 member: member: uid=gkuri,ou=user,dc=cpp,dc=edu member: uid=henson,ou=user,dc=cpp,dc=edu memberUid: gkuri memberUid: henson
and the following dynlist config:
dynlist-attrset groupOfURLs memberURL member+memberOf@groupOfNames
ldap compare operations checking group membership fail erroneously:
# ldapcompare -x -H ldaps://ldap-vmc-01.ldap.cpp.edu/ uid=unxadmin,ou=group,dc=cpp,dc=edu member:uid=henson,ou=user,dc=cpp,dc=edu FALSE
If the dynlist-attrset configuration is removed, the compare works as expected:
# ldapcompare -x -H ldaps://ldap-vmc-01.ldap.cpp.edu/ uid=unxadmin,ou=group,dc=cpp,dc=edu member:uid=henson,ou=user,dc=cpp,dc=edu TRUE
https://bugs.openldap.org/show_bug.cgi?id=9747
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords|needs_review | Assignee|bugs@openldap.org |hyc@openldap.org
https://bugs.openldap.org/show_bug.cgi?id=9747
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |2.5.10
https://bugs.openldap.org/show_bug.cgi?id=9747
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |IN_PROGRESS Ever confirmed|0 |1
--- Comment #1 from Howard Chu hyc@openldap.org --- Please test https://git.openldap.org/openldap/openldap/-/merge_requests/442
https://bugs.openldap.org/show_bug.cgi?id=9747
--- Comment #2 from henson@acm.org henson@acm.org --- (In reply to Howard Chu from comment #1)
Please test https://git.openldap.org/openldap/openldap/-/merge_requests/442
I rebuilt the 2.5.9 rpm with this patch and the compare operation appears to work correctly now.
Thanks for the quick fix.
https://bugs.openldap.org/show_bug.cgi?id=9747
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |TEST
--- Comment #3 from Quanah Gibson-Mount quanah@openldap.org --- • bc659074 by Howard Chu at 2021-11-15T17:36:40+00:00 ITS#9747 dynlist: fix Compare for static groups
https://bugs.openldap.org/show_bug.cgi?id=9747
--- Comment #4 from Quanah Gibson-Mount quanah@openldap.org --- RE26:
• 8ccb3430 by Howard Chu at 2021-11-15T18:58:32+00:00 ITS#9747 dynlist: fix Compare for static groups
https://bugs.openldap.org/show_bug.cgi?id=9747
--- Comment #5 from Quanah Gibson-Mount quanah@openldap.org --- RE25:
• 8ccb3430 by Howard Chu at 2021-11-15T18:58:32+00:00 ITS#9747 dynlist: fix Compare for static groups
https://bugs.openldap.org/show_bug.cgi?id=9747
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9779
https://bugs.openldap.org/show_bug.cgi?id=9747
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |FIXED Status|RESOLVED |VERIFIED
-
openldap-its@openldap.org