[Bug 1003854] [NEW] Database upgrade/migration fails with nested db directories (lucid to precise)
Public bug reported:
Hi,
I've just performed an upgrade of our LDAP server on Ubuntu 10.04.4 LTS
to Ubuntu 12.04 (I acknowledge this upgrade path is not officially
supported yet).
The incompatible database upgrading process in the preinst/postinst
files failed in the following scenario.
We have two suffixes/databases at the following paths:-
* /var/lib/ldap
* /var/lib/ldap/accesslog
The preinst database dumping part of the process worked just fine and
created the appropriate LDIF files under
/var/backup/slapd-2.4.21-0ubuntu5.7, however the restore failed
stating:-
"""
Loading from /var/backups/slapd-2.4.21-0ubuntu5.7:
- directory dc=REDACTEDs,dc=co,dc=uk... failed.
Loading the database from the LDIF dump failed with the following
error while running slapadd:
4fbdfebf olcDbDirectory: value #0: invalid path: No such file or directory
4fbdfebf config error processing olcDatabase={2}hdb,cn=config:
olcDbDirectory: value #0: invalid path: No such file or directory
slapadd: bad configuration directory!
"""
This is because when move_incompatible_databases_away() runs it finds
the main database first (/var/lib/ldap) and moves all top level entries
(find -mindepth 1 -maxdepth 1 ...) into the backup directory and this
includes the accesslog subdirectory which then no longer exists. When
slapadd runs it checks config specifying that directory and bails with
the above error given it is indeed missing.
I've tested a tentative fix and that's to patch the two find commands
(one in is_empty_dir() one in move_old_database_away to also specify
-type f so that the directory structure is preserved when moving the old
database away (accesslog will be backed up separately when its suffx is
iterated over in move_incompatible_databases_away()).
The simple and very tentative patch for this is:-
"""
# diff -u slapd.scripts-common.old slapd.scripts-common
--- slapd.scripts-common.old2012-05-24 10:33:01.746206585 +0100
+++ slapd.scripts-common2012-05-24 10:33:23.967902747 +0100
@@ -391,7 +391,7 @@
echo -n " - directory $suffix... " >&2
mkdir -p "$backupdir"
find "$databasedir" -mindepth 1 -maxdepth 1 \
- -exec mv {} "$backupdir" \;
+ -type f -exec mv {} "$backupdir" \;
echo done. >&2
else
cat >&2 /dev/null`
if [ -n "$output" ]; then
return 1
else
"""
** Affects: openldap (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1003854
Title:
Database upgrade/migration fails with nested db directories (lucid to
precise)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1003854/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003854] Re: Database upgrade/migration fails with nested db directories (lucid to precise)
(If requested I can provide a suitable debdiff for the proposed fix) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1003854 Title: Database upgrade/migration fails with nested db directories (lucid to precise) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1003854/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003854] Re: Database upgrade/migration fails with nested db directories (lucid to precise)
Did you re-export the backup after applying the patch? IIRC it fixes the backup/export phase not the restore/import phase so unless you re-created the dumps it wouldn't have actually done anything. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1003854 Title: Database upgrade/migration fails with nested db directories (lucid to precise) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1003854/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 343738] Re: vsftpd max username length too small
I'd like to double check this again before confirming hardy PAM is ok with usernames of this length but unfortunately I seem to have lost/deleted the test VM where I had this issue setup. I'll re-create the VM and re-test this issue just to be sure (give me a couple of days or so depending on workload). (Unless ofcourse Trent can provide such a confirmation.) -- vsftpd max username length too small https://bugs.launchpad.net/bugs/343738 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to vsftpd in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 252200] Re: ssh-agent does not expire key
This bug is more than likely a duplicate of: #209447 Can the OP or Chris provide echo $SSH_AUTH_SOCK so we can confirm gnome- keyring-daemon is infact being used? -- ssh-agent does not expire key https://bugs.launchpad.net/bugs/252200 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 252200] Re: ssh-agent does not expire key
*** This bug is a duplicate of bug 209447 *** https://bugs.launchpad.net/bugs/209447 That's certainly gnome-keyring's socket. I'm going to go ahead mark this bug a duplicate, for a work around please see bug: #209447. The work around involves resetting your ssh-agent back to the standard one and not gnome-keyring. However Intrepid introduced a further bug which stops you from doing this, so for a further workaround you'll also need to see bug: #275010 Hope this helps! ** This bug has been marked a duplicate of bug 209447 gnome-keyring-daemon does not honor constrained ssh identities -- ssh-agent does not expire key https://bugs.launchpad.net/bugs/252200 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 343738] Re: vsftpd max username length too small
I'd just like to add that (as the original bug reporter) I agree with Trent entirely. I can setup accounts (longer than 32 characters) that work just fine with PAM (and etc...) yet vsftpd fails to authenticate with them. Although I can accept it's a somewhat grey area in this case between bug and feature request... Can it be taken into account that the fix is obviously safe, has been applied by other distro's in their packages and even pulled into the vsftpd codebase itself? Thanks Thierry :-) -- vsftpd max username length too small https://bugs.launchpad.net/bugs/343738 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to vsftpd in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 343738] Re: vsftpd max username length too small
@Mathias In my opinion I would think:- """ Bugs which do not fit under above categories, but (1) have an obviously safe patch and (2) affect an application rather than critical infrastructure packages (like X.org or the kernel). """ -- vsftpd max username length too small https://bugs.launchpad.net/bugs/343738 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to vsftpd in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 343738] Re: vsftpd max username length too small
@Mathias: You make an excellent point. Oversight on my part not realising I'd only prepared a jaunty diff and not a hardy one for SRU. I've re-based the jaunty diff against hardy and attached it to the bug (as well as pushing it to my PPA for testing purposes). ** Attachment added: "LP343738-hardy.patch" http://launchpadlibrarian.net/30764250/LP343738-hardy.patch -- vsftpd max username length too small https://bugs.launchpad.net/bugs/343738 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to vsftpd in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 343738] Re: vsftpd max username length too small
** Description changed: vsftpd has a max username length of 32, this is too small for a virtual hosting environment where the username is a user's e-mail address (if they have a long domain name etc...) This issue was patched in FC10 via their patch system and has been pulled into the new upstream 2.1 version, I'll attach a debdiff to this bug once it's created so I know the bug number. + + SRU Report (for Hardy) + - + + This bug's impact is (probably) mostly felt by users running Hardy as a + hosting server using vsftpd as their FTP server. Hosting servers + typically use either the domain name and/or e-mail address as the + username which can easily exceed the 32 character limit. + + This has been fixed in the current development version (Karmic - + 2.1.1~pre1-2ubuntu1) by syncing a later release of vsftpd from Debian + which has already applied this fix. A minimal patch to apply this fix + has previously been attached to this bug (LP343738-hardy.patch). + + TEST CASE: This bug can be reproduced by creating a username greater + than 32 characters then attempting to login with the unpatched vsftpd. + Upon upgrading to the patched vsftpd this login attempt should then + succeed. + + Looking at the patch regression seems unlikely (given the nature of the + change), however, the worst case outcomes I can see for regression are:- + + a) vsftpd stops working; or + b) An (unknown) underlying authentication mechanism requires vsftpd to reject usernames greater than 32 characters and hence breaks. + + I'm afraid I'm not sure how likely (b) is, however PAM can handle + usernames of such length. -- vsftpd max username length too small https://bugs.launchpad.net/bugs/343738 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to vsftpd in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 343738] Re: vsftpd max username length too small
Just spotted a slight error in my debdiff. I made my debdiff against 2.0.6-1ubuntu1, failing to notice the -ubuntu1.1 in hardy-updates. I'll submit an updated patch/debdiff later today against -ubuntu1.1 if someone else doesn't do so before hand. TESTING NOTE: Please note that although the version in my PPA is fine to test with - it will regress #254905 (FTPS doesn't work with clients such as FileZilla). -- vsftpd max username length too small https://bugs.launchpad.net/bugs/343738 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to vsftpd in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 343738] Re: vsftpd max username length too small
Apologies for the mix up... Updated patch attached to bug, old one removed (and new testing package pushed to my PPA). :-) ** Attachment removed: "LP343738-hardy.patch" http://launchpadlibrarian.net/30764250/LP343738-hardy.patch ** Attachment added: "LP343738-hardy.patch" http://launchpadlibrarian.net/30827535/LP343738-hardy.patch -- vsftpd max username length too small https://bugs.launchpad.net/bugs/343738 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to vsftpd in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
