freeipa team mailing list archive

Thread
Date

[Bug 2034251] [NEW] Incorrect rdn in the bind9 dn entry in the DEP8 test

To: freeipa@xxxxxxxxxxxxxxxxxxx
From: Andreas Hasenack <2034251@xxxxxxxxxxxxxxxxxx>
Date: Tue, 05 Sep 2023 12:50:24 -0000
Reply-to: Bug 2034251 <2034251@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Public bug reported:

There is a small mistake in the bind9 DN entry, it should have an
attribute matching the dn, but instead it  mentions a "replicator"
entity that doesn't exist.

It doesn't fail the test, but it's an incorrect LDAP entry and should be
fixed:

diff --git a/debian/tests/dyndb-ldap b/debian/tests/dyndb-ldap
index 5482bc0..019bf24 100644
--- a/debian/tests/dyndb-ldap
+++ b/debian/tests/dyndb-ldap
@@ -8,6 +8,7 @@ myhostname="dep8"
 ldap_admin_dn="cn=admin,${ldap_suffix}"
 ldap_admin_pw="secret"
 ldap_bind9_dn="uid=bind9,${ldap_suffix}"
+ldap_bind9_rdn="uid: bind9" # match ldap_bind9_dn
 ldap_bind9_pw="secretagain"

 cleanup() {
@@ -122,7 +123,7 @@ EOF
 create_bind9_uid() {
     ldapadd -x -D "${ldap_admin_dn}" -w "${ldap_admin_pw}" <<EOF
 dn: ${ldap_bind9_dn}
-uid: replicator
+${ldap_bind9_rdn}
 objectClass: simpleSecurityObject
 objectClass: account
 userPassword: {CRYPT}x

This was fixed in debian already via https://salsa.debian.org/freeipa-
team/bind-dyndb-ldap/-/commit/6b5096776ee0502d9cac3966b6aa5f4da4cef664

** Affects: bind-dyndb-ldap (Ubuntu)
     Importance: Low
     Assignee: Andreas Hasenack (ahasenack)
         Status: In Progress

** Affects: bind9 (Ubuntu)
     Importance: Low
     Assignee: Andreas Hasenack (ahasenack)
         Status: In Progress

** Also affects: bind-dyndb-ldap (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: bind-dyndb-ldap (Ubuntu)
       Status: New => In Progress

** Changed in: bind-dyndb-ldap (Ubuntu)
   Importance: Undecided => Low

** Changed in: bind-dyndb-ldap (Ubuntu)
     Assignee: (unassigned) => Andreas Hasenack (ahasenack)

** Summary changed:

- Incorrect rdn in the bind9 dn entry
+ Incorrect rdn in the bind9 dn entry in the DEP8 test

** Description changed:

  There is a small mistake in the bind9 DN entry, it should have an
  attribute matching the dn, but instead it  mentions a "replicator"
  entity that doesn't exist.
  
- It doesn't fail the test, but it's an incorrect LDAP entry:
+ It doesn't fail the test, but it's an incorrect LDAP entry and should be
+ fixed:
+ 
  diff --git a/debian/tests/dyndb-ldap b/debian/tests/dyndb-ldap
  index 5482bc0..019bf24 100644
  --- a/debian/tests/dyndb-ldap
  +++ b/debian/tests/dyndb-ldap
  @@ -8,6 +8,7 @@ myhostname="dep8"
-  ldap_admin_dn="cn=admin,${ldap_suffix}"
-  ldap_admin_pw="secret"
-  ldap_bind9_dn="uid=bind9,${ldap_suffix}"
+  ldap_admin_dn="cn=admin,${ldap_suffix}"
+  ldap_admin_pw="secret"
+  ldap_bind9_dn="uid=bind9,${ldap_suffix}"
  +ldap_bind9_rdn="uid: bind9" # match ldap_bind9_dn
-  ldap_bind9_pw="secretagain"
-  
-  cleanup() {
+  ldap_bind9_pw="secretagain"
+ 
+  cleanup() {
  @@ -122,7 +123,7 @@ EOF
-  create_bind9_uid() {
-      ldapadd -x -D "${ldap_admin_dn}" -w "${ldap_admin_pw}" <<EOF
-  dn: ${ldap_bind9_dn}
+  create_bind9_uid() {
+      ldapadd -x -D "${ldap_admin_dn}" -w "${ldap_admin_pw}" <<EOF
+  dn: ${ldap_bind9_dn}
  -uid: replicator
  +${ldap_bind9_rdn}
-  objectClass: simpleSecurityObject
-  objectClass: account
-  userPassword: {CRYPT}x
+  objectClass: simpleSecurityObject
+  objectClass: account
+  userPassword: {CRYPT}x
  
- 
- This was fixed in debian already via https://salsa.debian.org/freeipa-team/bind-dyndb-ldap/-/commit/6b5096776ee0502d9cac3966b6aa5f4da4cef664
+ This was fixed in debian already via https://salsa.debian.org/freeipa-
+ team/bind-dyndb-ldap/-/commit/6b5096776ee0502d9cac3966b6aa5f4da4cef664

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2034251

Title:
  Incorrect rdn in the bind9 dn entry in the DEP8 test

Status in bind-dyndb-ldap package in Ubuntu:
  In Progress
Status in bind9 package in Ubuntu:
  In Progress

Bug description:
  There is a small mistake in the bind9 DN entry, it should have an
  attribute matching the dn, but instead it  mentions a "replicator"
  entity that doesn't exist.

  It doesn't fail the test, but it's an incorrect LDAP entry and should
  be fixed:

  diff --git a/debian/tests/dyndb-ldap b/debian/tests/dyndb-ldap
  index 5482bc0..019bf24 100644
  --- a/debian/tests/dyndb-ldap
  +++ b/debian/tests/dyndb-ldap
  @@ -8,6 +8,7 @@ myhostname="dep8"
   ldap_admin_dn="cn=admin,${ldap_suffix}"
   ldap_admin_pw="secret"
   ldap_bind9_dn="uid=bind9,${ldap_suffix}"
  +ldap_bind9_rdn="uid: bind9" # match ldap_bind9_dn
   ldap_bind9_pw="secretagain"

   cleanup() {
  @@ -122,7 +123,7 @@ EOF
   create_bind9_uid() {
       ldapadd -x -D "${ldap_admin_dn}" -w "${ldap_admin_pw}" <<EOF
   dn: ${ldap_bind9_dn}
  -uid: replicator
  +${ldap_bind9_rdn}
   objectClass: simpleSecurityObject
   objectClass: account
   userPassword: {CRYPT}x

  This was fixed in debian already via https://salsa.debian.org/freeipa-
  team/bind-dyndb-ldap/-/commit/6b5096776ee0502d9cac3966b6aa5f4da4cef664

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind-dyndb-ldap/+bug/2034251/+subscriptions

Follow ups

[Bug 2034251] Re: Incorrect rdn in the bind9 dn entry in the DEP8 test
From: Launchpad Bug Tracker, 2023-09-07
[Bug 2034251] Re: Incorrect rdn in the bind9 dn entry in the DEP8 test
From: Andreas Hasenack, 2023-09-05
[Bug 2034251] Re: Incorrect rdn in the bind9 dn entry in the DEP8 test
From: Launchpad Bug Tracker, 2023-09-05