Issue 5781 - syncrepl doing delete/add on items without equality
Summary: syncrepl doing delete/add on items without equality
Status: VERIFIED FIXED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: slapd (show other issues)
Version: 2.4.11
Hardware: All All
: --- normal
Target Milestone: ---
Assignee: OpenLDAP project
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-10-30 16:18 UTC by rubin@physics.umn.edu
Modified: 2014-08-01 21:04 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description rubin@physics.umn.edu 2008-10-30 16:18:52 UTC 
Full_Name: Alex Schumann
Version: 2.4.11
OS: freebsd 7.0-release-p3
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (128.101.220.229)


We are using nis.schema's  nisNetgroupTriple to hold unix netgroups. When we
make a change, we do so using the following code snipit:

 $mesg = $ldap_master->modify ( $dn, replace => [ 'nisNetgroupTriple' =>
\@{$groups{$g}} ] );


The master accepts this change, but all the syncrepl slaves immediately start
failing:

Oct 29 11:54:28 lanark slapd[4187]: syncrepl_entry: rid=001 be_search (0)
Oct 29 11:54:28 lanark slapd[4187]: syncrepl_entry: rid=001
cn=ng115,ou=Netgroup,dc=suppressed,dc=suppressed,dc=suppressed
Oct 29 11:54:28 lanark slapd[4187]: syncrepl_entry: rid=001 entry unchanged,
ignored (cn=ng115,ou=Netgroup,dc=suppressed,dc=suppressed,dc=suppressed)
Oct 29 11:54:28 lanark slapd[4187]: syncrepl_entry: rid=001
LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD)
Oct 29 11:54:28 lanark slapd[4187]: syncrepl_entry: rid=001 be_search (0)
Oct 29 11:54:28 lanark slapd[4187]: syncrepl_entry: rid=001
cn=ng116,ou=Netgroup,dc=suppressed,dc=suppressed,dc=suppressed
Oct 29 11:54:28 lanark slapd[4187]: null_callback : error code 0x12
Oct 29 11:54:28 lanark slapd[4187]: syncrepl_entry: rid=001 be_modify (18)
Oct 29 11:54:28 lanark slapd[4187]: syncrepl_entry: rid=001 be_modify failed
(18)
Oct 29 11:54:28 lanark slapd[4187]: do_syncrepl: rid=001 retrying

Error code 0x12 is LDAP_INAPPROPRIATE_MATCHING, which indicates that syncrepl
tried to do a delete/add on a multivalued attribute witohout an equality
matching rule. Reason being, the schema for nis defines nisNetgroupTriple
without an EQUALITY. You can argue between openldap and sun if that is an error
in the schema, but fact is syncrepl should not fail in this or similar cases.
Proper behavior would be if there is no equality, syncrepl should fall back to a
replace.

many thanks to hyc on freenode #openldap for helping me to understand what was
going on here.

http://www.archivesat.com/OpenLDAP_bugs/thread1581049.htm indicates
nisNetgroupTriple is improperly defined according to SUN, but is really an aside
on this bug.
Comment 1 Howard Chu 2008-10-30 17:31:03 UTC 
changed notes
changed state Open to Test
moved from Incoming to Software Bugs
Comment 2 rubin@physics.umn.edu 2008-10-31 17:13:01 UTC 
Patched in servers/slapd/syncrepl.c rev 1.418

http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/syncrepl.c.diff?r1=1.417&r2=1.418&cvsroot=OpenLDAP-src&hideattic=1&sortbydate=0


I applied the patch to 2.4.11 and verified it does solve the problem.
Thanks!
Comment 3 ando@openldap.org 2008-11-01 16:29:32 UTC 
changed notes
Comment 4 Quanah Gibson-Mount 2008-11-10 19:56:13 UTC 
changed notes
changed state Test to Release
Comment 5 Quanah Gibson-Mount 2008-11-24 17:07:25 UTC 
changed notes
changed state Release to Closed
Comment 6 OpenLDAP project 2014-08-01 21:04:17 UTC 
fixed in HEAD (confirmed)
fixed in RE24