Issue 7418 - slapo-constraint are broken
Summary: slapo-constraint are broken
Status: VERIFIED FIXED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: slapd
Version: 2.4.33
Hardware: All All
Assignee: OpenLDAP project
Reported: 2012-10-18 18:46 UTC by sascha.kuehndel@deka.de
Modified: 2014-08-01 21:04 UTC (History)
Attachments
constraint2.patch (1.57 KB, patch)
2012-10-25 06:36 UTC, jsynacek@redhat.com
initial.ldif (1.46 KB, application/octet-stream)
2012-10-22 19:14 UTC, sascha.kuehndel@deka.de
slapd.conf (818 bytes, application/octet-stream)
2012-10-22 19:14 UTC, sascha.kuehndel@deka.de
test.ldif (96 bytes, application/octet-stream)
2012-10-22 19:14 UTC, sascha.kuehndel@deka.de

Description sascha.kuehndel@deka.de 2012-10-18 18:46:43 UTC
Full_Name: Sascha Kuehndel
Version: 2.4.33
OS: HP-UX 11.31
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (192.166.104.102)


After upgrading slapd from 2.4.32 to 2.4.33, same constraints always fail.
Any change to an entry in the restricted tree is not possible.

1. Commenting out the constraints helps.
2. I have downgraded constraint.c only. After a rebuild, slapd works
fine again.

Constraint:
constraint_attribute dekanetZielgruppenDN uri
  ldap:///ou=Zielgruppen,ou=dekanet,dc=dekager,dc=dekabank,dc=extern?entryDN?one?(objectClass=dekanetZielgruppe)
  restrict=ldap:///ou=Benutzer,ou=dekanet,dc=dekager,dc=dekabank,dc=extern??one

Change:
#!RESULT ERROR
#!CONNECTION ldap://dk-ketos:6418
#!DATE 2012-10-18T18:29:02.840
#!ERROR [LDAP: error code 19 - modify breaks constraint on dekanetEmailAdr]
dn: dekanetObjLID=74386878,ou=Benutzer,ou=dekanet,dc=dekager,dc=dekabank,dc=ex
 tern
changetype: modify
replace: dekanetEmailAdr
dekanetEmailAdr: test1234@deka.de
-

Greetings,
Sascha
Comment 1 Michael Ströder 2012-10-18 19:26:02 UTC
I suspect this is related to the changes made for the fix for ITS#7168,
similar to or the same as ITS#7340.

Ciao, Michael.


Comment 2 sascha.kuehndel@deka.de 2012-10-22 19:14:03 UTC
Hello,

I have reduced the configuration and the DIT to a minimum.
So I can now send the slapd.conf, the initial DIT and the test change.

I hope you can reproduce the error with it.

The software used:
OpenLDAP: 2.4.33
BDB: 5.3.21
OpenSSL: 1.0.1c

Thanks,
Sascha Kuehndel

Comment 3 Quanah Gibson-Mount 2012-10-22 19:18:23 UTC
--On Monday, October 22, 2012 7:14 PM +0000 Sascha.Kuehndel@deka.de wrote:

> Hello,
>
> I have reduced the configuration and the DIT to a minimum.
> So I can now send the slapd.conf, the initial DIT and the test change.
>
> I hope you can reproduce the error with it.

Hi Jan,

It appears your changes to slapo-constraint broke at least one 
configuration option.  Can you please review the information in this ITS 
and update your changes.  Thanks.

--Quanah

--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

Comment 4 jsynacek@redhat.com 2012-10-23 05:25:55 UTC
On 10/22/2012 09:19 PM, quanah@zimbra.com wrote:
> --On Monday, October 22, 2012 7:14 PM +0000 Sascha.Kuehndel@deka.de wrote:
> 
>> Hello,
>>
>> I have reduced the configuration and the DIT to a minimum.
>> So I can now send the slapd.conf, the initial DIT and the test change.
>>
>> I hope you can reproduce the error with it.
> 
> Hi Jan,
> 
> It appears your changes to slapo-constraint broke at least one 
> configuration option.  Can you please review the information in this ITS 
> and update your changes.  Thanks.
> 

Hi,

those changes were made by me (different Jan).
I will look into it and update the testcases.


-- 
Jan Synacek
Software Engineer, BaseOS team Brno, Red Hat

Comment 5 Quanah Gibson-Mount 2012-10-23 16:46:46 UTC
--On Tuesday, October 23, 2012 5:26 AM +0000 jsynacek@redhat.com wrote:

> On 10/22/2012 09:19 PM, quanah@zimbra.com wrote:
>> --On Monday, October 22, 2012 7:14 PM +0000 Sascha.Kuehndel@deka.de
>> wrote:
>>
>>> Hello,
>>>
>>> I have reduced the configuration and the DIT to a minimum.
>>> So I can now send the slapd.conf, the initial DIT and the test change.
>>>
>>> I hope you can reproduce the error with it.
>>
>> Hi Jan,
>>
>> It appears your changes to slapo-constraint broke at least one
>> configuration option.  Can you please review the information in this ITS
>> and update your changes.  Thanks.
>>
>
> Hi,
>
> those changes were made by me (different Jan).
> I will look into it and update the testcases.

Thanks. Sorry for the mixup, I picked the first Jan that came up in my 
mailbox search.

--Quanah


--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

Comment 6 jsynacek@redhat.com 2012-10-25 06:36:23 UTC
On 10/22/2012 09:14 PM, Sascha.Kuehndel@deka.de wrote:
> Hello,
> 
> I have reduced the configuration and the DIT to a minimum.
> So I can now send the slapd.conf, the initial DIT and the test change.
> 
> I hope you can reproduce the error with it.
> 
> The software used:
> OpenLDAP: 2.4.33
> BDB: 5.3.21
> OpenSSL: 1.0.1c
> 
> Thanks,
> Sascha Kuehndel
> 

Could you please try the attached patch?

Thank you,

-- 
Jan Synacek
Software Engineer, BaseOS team Brno, Red Hat
Comment 7 sascha.kuehndel@deka.de 2012-10-25 11:40:10 UTC
Hi,

it looks better.
make test and my own tests were successful.

Thanks,
Sascha

---------------------------------------------------------------------------------------
#!RESULT OK
dn: dc=1,ou=user,ou=deka,dc=example,dc=com
changetype: modify
replace: description
description: ab
-

#!RESULT ERROR
#!ERROR [LDAP: error code 19 - modify breaks constraint on associatedName]
dn: dc=1,ou=user,ou=deka,dc=example,dc=com
changetype: modify
replace: associatedName
associatedName: uid=15,ou=group,ou=deka,dc=example,dc=com
-

#!RESULT OK
dn: uid=14,ou=group,ou=deka,dc=example,dc=com
changetype: delete

#!RESULT OK
dn: dc=1,ou=user,ou=deka,dc=example,dc=com
changetype: modify
replace: description
description: abc
-

#!RESULT ERROR
#!ERROR [LDAP: error code 19 - modify breaks constraint on associatedName]
dn: dc=1,ou=user,ou=deka,dc=example,dc=com
changetype: modify
replace: associatedName
associatedName: uid=14,ou=group,ou=deka,dc=example,dc=com
-
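
As an added example (not part of the ticket and not OpenLDAP code), the Python sketch below models the expected behaviour of a `uri` constraint with `restrict=` and replays the log above: only a change to the constrained attribute on an entry inside the restrict scope is checked, so a modify of any other attribute, like the `dekanetEmailAdr` change in the description, should succeed. The rule on `associatedName` and all class and function names are assumptions, because the attached slapd.conf is not shown on the page.

```python
# Added illustration (not OpenLDAP code): simplified model of a slapo-constraint
# "uri" rule with "restrict". DNs are compared as lower-cased strings and the
# URI filter is ignored; both are simplifications for this constructed sample.

def in_scope(dn, base, scope):
    """True if dn falls under base for LDAP scope 'base', 'one' or 'sub'."""
    dn, base = dn.lower(), base.lower()
    if scope == "base":
        return dn == base
    if scope == "one":
        return "," in dn and dn.split(",", 1)[1] == base
    return dn == base or dn.endswith("," + base)

class UriConstraint:
    def __init__(self, attr, value_base, value_scope, restrict_base, restrict_scope):
        self.attr = attr.lower()
        self.value = (value_base, value_scope)
        self.restrict = (restrict_base, restrict_scope)

    def check_modify(self, dit, target_dn, attr, values):
        """Return LDAP result code: 0 success, 19 constraintViolation."""
        if attr.lower() != self.attr:
            return 0  # rule names a different attribute
        if not in_scope(target_dn, *self.restrict):
            return 0  # entry lies outside the restrict= URI
        allowed = {d.lower() for d in dit if in_scope(d, *self.value)}
        return 0 if all(v.lower() in allowed for v in values) else 19

# Constructed DIT using the DNs from the log; the rule is assumed, modelled on
# the one in the description (the attached slapd.conf is not shown on the page).
USERS = "ou=user,ou=deka,dc=example,dc=com"
GROUPS = "ou=group,ou=deka,dc=example,dc=com"
RULE = UriConstraint("associatedName", GROUPS, "one", USERS, "one")

def replay():
    """Replay the four modify operations and the delete from the log, in order."""
    dit = {USERS, GROUPS, "dc=1," + USERS, "uid=14," + GROUPS}
    user = "dc=1," + USERS
    codes = [RULE.check_modify(dit, user, "description", ["ab"]),
             RULE.check_modify(dit, user, "associatedName", ["uid=15," + GROUPS])]
    dit.discard("uid=14," + GROUPS)  # changetype: delete
    codes.append(RULE.check_modify(dit, user, "description", ["abc"]))
    codes.append(RULE.check_modify(dit, user, "associatedName", ["uid=14," + GROUPS]))
    return codes

if __name__ == "__main__":
    print(replay())
```

The returned codes line up with the `#!RESULT` markers in the log: OK, error 19, OK, error 19.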

Comment 8 jsynacek@redhat.com 2012-10-25 12:50:35 UTC
On 10/25/2012 01:41 PM, Sascha.Kuehndel@deka.de wrote:
> Hi,
> 
> it looks better.
> make test and my own tests were successful.

Great.

URL:
ftp://ftp.openldap.org/incoming/jsynacek-20121025-slapo-constraint-uri-restrict-fix.patch


The attached file is derived from OpenLDAP Software. All of the modifications
to OpenLDAP Software represented in the following patch(es) were developed by
Red Hat. Red Hat has not assigned rights and/or interest in this work to any
party. I, Jan Synacek am authorized by Red Hat, my employer, to release this
work under the following terms.

Red Hat hereby place the following modifications to OpenLDAP Software (and only
these modifications) into the public domain. Hence, these modifications may be
freely used and/or redistributed for any purpose with or without attribution
and/or other notice.



-- 
Jan Synacek
Software Engineer, BaseOS team Brno, Red Hat

Comment 9 Howard Chu 2012-10-30 23:07:50 UTC
changed notes
changed state Open to Test
moved from Incoming to Software Bugs
Comment 10 Quanah Gibson-Mount 2012-10-31 20:00:18 UTC
changed notes
changed state Test to Release
Comment 11 Michael Ströder 2012-11-04 17:15:07 UTC
The recent fix for ITS#7418 might have caused another regression causing a seg
fault.

Please have a look at
http://www.openldap.org/its/index.cgi?findid=7431

Ciao, Michael.

Comment 12 Quanah Gibson-Mount 2013-03-05 02:18:58 UTC
changed notes
changed state Release to Closed
Comment 13 OpenLDAP project 2014-08-01 21:04:44 UTC
fixed in master
fixed in RE24