[Issue 10304] New: Unable to remove item from directory as part of transaction if it is the last item in that directory
https://bugs.openldap.org/show_bug.cgi?id=10304
Issue ID: 10304 Summary: Unable to remove item from directory as part of transaction if it is the last item in that directory Product: OpenLDAP Version: 2.5.13 Hardware: All OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs@openldap.org Reporter: sophie.elliott@arcticlake.com Target Milestone: ---
I am running my ldap server on Debian 11.3, with the mdb backend, using the backported openldap version 2.5.13. I am not 100% certain if this is an issue with OpenLDAP or liblmdb, but I have been running tests in the repo and it looks like the liblmdb tests work fine, so I think it's with OpenLDAP itself.
I have been performing a transaction, and deleting entries from a directory during this transaction. This works fine if the item that I am deleting isn't the last entry in its directory, but when it is I get a MDB_NOTFOUND error on the commit transaction call and the delete doesn't go through. Here is an excerpt of the logs when this happens: ``` 67a64334.14e1fc32 0x766ad2a00700 => index_entry_del( 108, "accessGroupID=f23de82f-3a1c-4f88-86bb-bb07f9a0992d,o=[COMPANY],ou=accessGroups,dc=local,dc=[COMPANY],dc=com" ) 67a64334.14e21912 0x766ad2a00700 mdb_idl_delete_keys: 6c [62d34624] 67a64334.14e22812 0x766ad2a00700 <= index_entry_del( 108, "accessGroupID=f23de82f-3a1c-4f88-86bb-bb07f9a0992d,o=[COMPANY],ou=accessGroups,dc=local,dc=[COMPANY],dc=com" ) success 67a64334.14e23a91 0x766ad2a00700 mdb_delete: txn_commit failed: MDB_NOTFOUND: No matching key/data pair found (-30798) ```
Please let me know if I should submit this issue elsewhere, or if this is something that has already been fixed in a more recent version. I'm also happy to provide more details if necessary. Thank you!
https://bugs.openldap.org/show_bug.cgi?id=10304
--- Comment #1 from Quanah Gibson-Mount quanah@openldap.org --- Hello,
Please provide a test script that reproduces the issue.
Regards, Quanah
https://bugs.openldap.org/show_bug.cgi?id=10304
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Keywords|needs_review | Resolution|--- |SUSPENDED
--- Comment #2 from Quanah Gibson-Mount quanah@openldap.org --- Still waiting on a response with a reproduction case.
https://bugs.openldap.org/show_bug.cgi?id=10304
--- Comment #3 from Geri geri@siedl.net --- Hello,
I'm facing the same issue. Here's the steps i took:
Freshly installed slapd on Debian 12.11, configured with base "domain.tdl". Added a single child object to the base: ----- root@ldap-test:~# slapcat dn: dc=domain,dc=tld objectClass: top objectClass: dcObject objectClass: organization o: Test dc: domain structuralObjectClass: organization entryUUID: fac6a25c-e529-103f-9516-65f1b926efeb creatorsName: cn=admin,dc=domain,dc=tld createTimestamp: 20250624093307Z entryCSN: 20250624093307.151143Z#000000#000#000000 modifiersName: cn=admin,dc=domain,dc=tld modifyTimestamp: 20250624093307Z
dn: cn=child,dc=domain,dc=tld objectClass: top objectClass: organizationalRole cn: child structuralObjectClass: organizationalRole entryUUID: 42e21be8-e52a-103f-810c-0908773b2be5 creatorsName: cn=admin,dc=domain,dc=tld createTimestamp: 20250624093508Z entryCSN: 20250624093508.127235Z#000000#000#000000 modifiersName: cn=admin,dc=domain,dc=tld modifyTimestamp: 20250624093508Z -----
Created a LDIF to delete the child entry: ----- root@ldap-test:~# cat del.ldif dn: cn=child,dc=domain,dc=tld changeType: delete -----
Tried to delete the entry using a transaction: ----- root@ldap-test:~# ldapmodify -H ldapi:/// -D cn=admin,dc=domain,dc=tld -W -f del.ldif -E '!txn=commit' Enter LDAP Password: deleting entry "cn=child,dc=domain,dc=tld"
ldap_txn_end_s: Other (e.g., implementation specific) error (80) -----
Heres the error reported by slapd while running ldapmodify: ----- root@ldap-test:~# /usr/sbin/slapd -h "ldap:/// ldapi:///" -g openldap -u openldap -F /etc/ldap/slapd.d -d 256 685a7219.1bb15b14 0x7f7e9be14200 @(#) $OpenLDAP: slapd 2.5.13+dfsg-5 (Feb 8 2023 01:56:12) $ Debian OpenLDAP Maintainers pkg-openldap-devel@lists.alioth.debian.org 685a7219.1cddce9b 0x7f7e9be14200 slapd starting 685a7221.3715ef8a 0x7f7e59dfe6c0 conn=1000 fd=15 ACCEPT from PATH=/var/run/slapd/ldapi (PATH=/var/run/slapd/ldapi) 685a7221.371ebdc8 0x7f7e59dfe6c0 conn=1000 op=0 BIND dn="cn=admin,dc=domain,dc=tld" method=128 685a7221.37201a5a 0x7f7e59dfe6c0 conn=1000 op=0 BIND dn="cn=admin,dc=domain,dc=tld" mech=SIMPLE bind_ssf=0 ssf=71 685a7221.3720f639 0x7f7e59dfe6c0 conn=1000 op=0 RESULT tag=97 err=0 qtime=0.000026 etime=0.000245 text= 685a7221.3727a265 0x7f7e595fd6c0 conn=1000 op=1 EXT oid=1.3.6.1.1.21.1 685a7221.37282a77 0x7f7e595fd6c0 conn=1000 op=1 TXN START 685a7221.3728eece 0x7f7e595fd6c0 conn=1000 op=1 RESULT oid= err=0 qtime=0.000046 etime=0.000162 text= 685a7221.3733f33f 0x7f7e59dfe6c0 conn=1000 op=2 DEL dn="cn=child,dc=domain,dc=tld" 685a7221.37369ae9 0x7f7e59dfe6c0 conn=1000 op=2 RESULT tag=107 err=0 qtime=0.000070 etime=0.000267 text= 685a7221.373b85a8 0x7f7e595fd6c0 conn=1000 op=3 EXT oid=1.3.6.1.1.21.3 685a7221.373d2503 0x7f7e595fd6c0 conn=1000 op=3 TXN END 685a7221.37428cea 0x7f7e595fd6c0 mdb_delete: txn_commit failed: MDB_NOTFOUND: No matching key/data pair found (-30798) 685a7221.3753e616 0x7f7e595fd6c0 conn=1000 op=3 RESULT oid= err=80 qtime=0.000022 etime=0.001619 text= 685a7221.376a15da 0x7f7e59dfe6c0 conn=1000 op=4 UNBIND 685a7221.376ed868 0x7f7e59dfe6c0 conn=1000 fd=15 closed ^C685a7227.2d87a959 0x7f7e5a5ff6c0 daemon: shutdown requested and initiated. 685a7227.2d9f82c4 0x7f7e5a5ff6c0 slapd shutdown: waiting for 0 operations/tasks to finish 685a7227.2dcff2ff 0x7f7e9be14200 slapd stopped. -----
When adding a second child to the base, the first can be deleted without issues (same command, same ldif)
https://bugs.openldap.org/show_bug.cgi?id=10304
Geri geri@siedl.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |geri@siedl.net
--- Comment #4 from Geri geri@siedl.net --- Hello,
any updates on this? If you need any further information on this let me know.
https://bugs.openldap.org/show_bug.cgi?id=10304
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|SUSPENDED |TEST
--- Comment #5 from Howard Chu hyc@openldap.org --- Thanks for the test case, fixed now in git 053ca6b656352810074e06ddab59750e2a4b513a
https://bugs.openldap.org/show_bug.cgi?id=10304
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |2.6.11
https://bugs.openldap.org/show_bug.cgi?id=10304
--- Comment #6 from Quanah Gibson-Mount quanah@openldap.org --- main:
• 053ca6b6 by Howard Chu at 2025-08-05T16:26:23+01:00 ITS#10304 slapd-mdb: fix spurious error when deleting last child of a branch
RE26:
• 9edac688 by Howard Chu at 2025-09-08T23:03:04+00:00 ITS#10304 slapd-mdb: fix spurious error when deleting last child of a branch
-
openldap-its@openldap.org