yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #86878
[Bug 1939700] [NEW] Keystone LDAP jobs are failing with ldap_modify: No such object (32)
Public bug reported:
If you enable LDAP in a devstack deployment you get errors about
ldap_modify failing.
Example local.conf:
enable_service ldap
LDAP_PASSWORD=ldap_password
Failure:
LDAP_PASSWORD is nomoresecret
+ lib/ldap:install_ldap:133 : local slappass
++ lib/ldap:install_ldap:134 : slappasswd -s nomoresecret
+ lib/ldap:install_ldap:134 : slappass='{SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO'
+ lib/ldap:install_ldap:135 : printf 'LDAP secret is {SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO\n'
LDAP secret is {SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO
+ lib/ldap:install_ldap:138 : _ldap_varsubst /opt/stack/devstack/files/ldap/manager.ldif.in '{SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO'
+ lib/ldap:_ldap_varsubst:55 : local infile=/opt/stack/devstack/files/ldap/manager.ldif.in
+ lib/ldap:_ldap_varsubst:56 : local 'slappass={SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO'
+ lib/ldap:_ldap_varsubst:57 : sed -e '
s|${LDAP_OLCDB_NUMBER}|1|
s|${SLAPPASS}|{SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO|
s|${LDAP_ROOTPW_COMMAND}|replace|
s|${BASE_DC}|openstack|
s|${BASE_DN}|dc=openstack,dc=org|
s|${MANAGER_DN}|cn=Manager,dc=openstack,dc=org|
' /opt/stack/devstack/files/ldap/manager.ldif.in
+ lib/ldap:install_ldap:139 : sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/ldap.2825.9hlx71VbGB/manager.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: No such object (32)
matched DN: cn=config
modifying entry "olcDatabase={1}hdb,cn=config"
+ lib/ldap:install_ldap:1 : exit_trap
+ ./stack.sh:exit_trap:507 : local r=32
++ ./stack.sh:exit_trap:508 : jobs -p
+ ./stack.sh:exit_trap:508 : jobs=
+ ./stack.sh:exit_trap:511 : [[ -n '' ]]
+ ./stack.sh:exit_trap:517 : '[' -f '' ']'
+ ./stack.sh:exit_trap:522 : kill_spinner
+ ./stack.sh:kill_spinner:417 : '[' '!' -z '' ']'
+ ./stack.sh:exit_trap:524 : [[ 32 -ne 0 ]]
+ ./stack.sh:exit_trap:525 : echo 'Error on exit'
Error on exit
+ ./stack.sh:exit_trap:527 : type -p generate-subunit
+ ./stack.sh:exit_trap:528 : generate-subunit 1628755633 252 fail
+ ./stack.sh:exit_trap:530 : [[ -z /opt/stack/logs ]]
+ ./stack.sh:exit_trap:533 : /usr/bin/python3.8 /opt/stack/devstack/tools/worlddump.py -d /opt/stack/logs
+ ./stack.sh:exit_trap:542 : exit 32
This is also affecting keystone LDAP domain-specific drivers job.
** Affects: keystone
Importance: High
Status: Triaged
** Changed in: keystone
Status: New => Triaged
** Changed in: keystone
Importance: Undecided => High
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1939700
Title:
Keystone LDAP jobs are failing with ldap_modify: No such object (32)
Status in OpenStack Identity (keystone):
Triaged
Bug description:
If you enable LDAP in a devstack deployment you get errors about
ldap_modify failing.
Example local.conf:
enable_service ldap
LDAP_PASSWORD=ldap_password
Failure:
LDAP_PASSWORD is nomoresecret
+ lib/ldap:install_ldap:133 : local slappass
++ lib/ldap:install_ldap:134 : slappasswd -s nomoresecret
+ lib/ldap:install_ldap:134 : slappass='{SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO'
+ lib/ldap:install_ldap:135 : printf 'LDAP secret is {SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO\n'
LDAP secret is {SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO
+ lib/ldap:install_ldap:138 : _ldap_varsubst /opt/stack/devstack/files/ldap/manager.ldif.in '{SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO'
+ lib/ldap:_ldap_varsubst:55 : local infile=/opt/stack/devstack/files/ldap/manager.ldif.in
+ lib/ldap:_ldap_varsubst:56 : local 'slappass={SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO'
+ lib/ldap:_ldap_varsubst:57 : sed -e '
s|${LDAP_OLCDB_NUMBER}|1|
s|${SLAPPASS}|{SSHA}/osxUNAJm+sWLGkdQu2Y3n6uMqRlrIiO|
s|${LDAP_ROOTPW_COMMAND}|replace|
s|${BASE_DC}|openstack|
s|${BASE_DN}|dc=openstack,dc=org|
s|${MANAGER_DN}|cn=Manager,dc=openstack,dc=org|
' /opt/stack/devstack/files/ldap/manager.ldif.in
+ lib/ldap:install_ldap:139 : sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/ldap.2825.9hlx71VbGB/manager.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: No such object (32)
matched DN: cn=config
modifying entry "olcDatabase={1}hdb,cn=config"
+ lib/ldap:install_ldap:1 : exit_trap
+ ./stack.sh:exit_trap:507 : local r=32
++ ./stack.sh:exit_trap:508 : jobs -p
+ ./stack.sh:exit_trap:508 : jobs=
+ ./stack.sh:exit_trap:511 : [[ -n '' ]]
+ ./stack.sh:exit_trap:517 : '[' -f '' ']'
+ ./stack.sh:exit_trap:522 : kill_spinner
+ ./stack.sh:kill_spinner:417 : '[' '!' -z '' ']'
+ ./stack.sh:exit_trap:524 : [[ 32 -ne 0 ]]
+ ./stack.sh:exit_trap:525 : echo 'Error on exit'
Error on exit
+ ./stack.sh:exit_trap:527 : type -p generate-subunit
+ ./stack.sh:exit_trap:528 : generate-subunit 1628755633 252 fail
+ ./stack.sh:exit_trap:530 : [[ -z /opt/stack/logs ]]
+ ./stack.sh:exit_trap:533 : /usr/bin/python3.8 /opt/stack/devstack/tools/worlddump.py -d /opt/stack/logs
+ ./stack.sh:exit_trap:542 : exit 32
This is also affecting keystone LDAP domain-specific drivers job.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1939700/+subscriptions
Follow ups
