Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1049190
Description of problem: Better input argument validation and error messages for db2index and db2index.pl. Version-Release number of selected component (if applicable): [root@dhcp201-149 basic]# rpm -qa | grep 389 389-adminutil-1.1.15-3.fc19.1.x86_64 389-admin-1.1.31-1.fc19.2.x86_64 389-admin-console-doc-1.1.8-5.fc19.noarch 389-console-1.1.7-4.fc19.noarch 389-ds-base-1.3.1.6-12.el7.x86_64 389-admin-console-1.1.8-5.fc19.noarch 389-ds-console-doc-1.2.7-2.fc19.noarch 389-dsgw-1.1.10-1.fc19.x86_64 389-ds-base-libs-1.3.1.6-12.el7.x86_64 389-ds-console-1.2.7-2.fc19.noarch 389-ds-1.2.2-4.fc19.noarch How reproducible: Always Steps to Reproduce: Test Case 1:: Difference in results for same thing ===================================================== [root@dhcp201-149 ~]# db2index -n userRoot -t cn:eq sub [06/Jan/2014:15:00:28 +051800] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database [06/Jan/2014:15:00:28 +051800] - check_and_set_import_cache: pagesize: 4096, pages: 479602, procpages: 53190 [06/Jan/2014:15:00:28 +051800] - Import allocates 767360KB import cache. [06/Jan/2014:15:00:28 +051800] - userRoot: Indexing attribute: cn [06/Jan/2014:15:00:28 +051800] - userRoot: Finished indexing. [06/Jan/2014:15:00:28 +051800] - All database threads now stopped [root@dhcp201-149 ~]# db2index.pl -v -D "cn=Directory Manager" -w Secret123 -n userRoot -t mail:eq sub Usage: db2index.pl [-Z serverID] [-D rootdn] { -w password | -w - | -j filename } [-P protocol] -n backendname [-t attributeName[:indextypes[:matchingrules]]] [-T vlvTag] [-v] [-h] Test Case 2 :: Difference in results for same thing ===================================================== [root@dhcp201-149 ~]# db2index -n userRoot -t givenname:eq, sub [06/Jan/2014:15:05:35 +051800] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database [06/Jan/2014:15:05:35 +051800] - check_and_set_import_cache: pagesize: 4096, pages: 479602, procpages: 53189 [06/Jan/2014:15:05:35 +051800] - Import allocates 767360KB import cache. [06/Jan/2014:15:05:35 +051800] - userRoot: Indexing attribute: givenname [06/Jan/2014:15:05:35 +051800] - userRoot: Finished indexing. [06/Jan/2014:15:05:35 +051800] - All database threads now stopped [root@dhcp201-149 ~]# db2index.pl -v -D "cn=Directory Manager" -w Secret123 -n userRoot -t mail:eq, sub Usage: db2index.pl [-Z serverID] [-D rootdn] { -w password | -w - | -j filename } [-P protocol] -n backendname [-t attributeName[:indextypes[:matchingrules]]] [-T vlvTag] [-v] [-h] Actual results: 1. -t attribute:type, type AND -t attribute:type type gives different output for db2index and db2index.pl. 2. In both cases Index does not get created. Expected results: Proper error message and validation required. Additional info: Found this bug while testing https://bugzilla.redhat.com/show_bug.cgi?id=918695
attachment 0001-Ticket-47662-Better-input-argument-validation-and-er.patch
LGTM.
f000528..d4eadae master -> master commit d4eadae Author: Mark Reynolds mreynolds@redhat.com Date: Fri Dec 9 15:16:38 2016 -0500
Metadata Update from @mreynolds: - Issue assigned to mreynolds - Issue set to the milestone: 1.3.6.0
During the bug verification, a regression was found.
In the db2ldif tool, option '-a' is completely ignored.
Command: [root@qeos-249 tmp]# /usr/lib64/dirsrv/slapd-deftestinst/db2ldif -1 -n attrcrypt.com -E -a /ldifstorage/export2.ldif
Expected results: Exported ldif file: /ldifstorage/export2.ldif [10/Apr/2017:04:20:03.869235411 -0400] SSL alert: Sending pin request to SVRCore. You may need to run systemd-tty-ask-password-agent to provide the password. ldiffile: /ldifstorage/export2.ldif [10/Apr/2017:04:20:03.882845190 -0400] attrcrypt - _back_crypt_crypto_op decrypt (16) [10/Apr/2017:04:20:03.883384879 -0400] export attrcrypt.com: Processed 3 entries (100%). [10/Apr/2017:04:20:03.883808312 -0400] All database threads now stopped
Actual results: Exported ldif file: /var/lib/dirsrv/slapd-deftestinst/ldif/deftestinst-2017_04_10_041941.ldif [10/Apr/2017:04:19:41.945090565 -0400] SSL alert: Sending pin request to SVRCore. You may need to run systemd-tty-ask-password-agent to provide the password. ldiffile: /var/lib/dirsrv/slapd-deftestinst/ldif/deftestinst-2017_04_10_041941.ldif [10/Apr/2017:04:19:41.959166887 -0400] attrcrypt - _back_crypt_crypto_op decrypt (16) [10/Apr/2017:04:19:41.959848923 -0400] export attrcrypt.com: Processed 3 entries (100%). [10/Apr/2017:04:19:41.960353583 -0400] All database threads now stopped
Additional information: In the ldap/admin/src/scripts/db2ldif.in, on the line 133 command 'shift $(($OPTIND - 1))' happens. It causes that '$@' doesn't contain parameters anymore. Because of this, on line 159, command make_ldiffile $@ returns one predefined line every time.
make_ldiffile $@
It is possible that some other scripts were affected too.
Metadata Update from @spichugi: - Issue close_status updated to: None (was: Fixed)
Metadata Update from @spichugi: - Issue status updated to: Open (was: Closed)
<img alt="0001-Issue-47662-CLI-args-get-removed.patch" src="/389-ds-base/issue/raw/files/4520bcf8c4e831ae8082eb72b5c43eee10acfc641324b3ccc25485fd33df2ba2-0001-Issue-47662-CLI-args-get-removed.patch" />
Metadata Update from @mreynolds: - Custom field reviewstatus adjusted to review (was: ack)
(sorry, I could not find it in the previous review...)
Metadata Update from @nhosoi: - Custom field reviewstatus adjusted to ack (was: review)
Don't apologize, it's not obvious that this line strips it
shift $(($OPTIND - 1))
Thanks for reviewing again!
f5e4b8a..1b5a578 master -> master
Metadata Update from @mreynolds: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
One more regression was found. In ldap/admin/src/scripts/db2index.in:
74 if [ -z $servid ] && [ $# -eq 0 ]; then 75 idxall=1 76 elif [ "$servid" ] && [ $# -eq 2 ]; then 77 idxall=1 78 elif [ -z $benameopt ] && [ -z $includeSuffix ]; then 79 print_usage=1 80 fi 81 if [ -z $servid ] && [ $# -lt 2 ]; then 82 print_usage=1 83 elif [ -n "$servid" ] && [ $# -lt 4 ]; then 84 print_usage=1 85 elif [ -n "$servid" ] && [ $# -eq 4 ]; then 86 idxall=1 87 fi
We use "$#" after we've shifted the parameters with "shift $(($OPTIND - 1))". It causes an incorrect behaviour like:
db2index -Z slapd-s1 -n userRoot -t entryrdn # Prints a usage, though it should work
Also, I've checked all other scripts and they don't have this issue.
<img alt="0001-Ticket-7662-db2index-not-properly-evalauating-argume.patch" src="/389-ds-base/issue/raw/files/43382a1679884728f5e90e2587335ab17ea8b543fab422e21e853992f28c8c12-0001-Ticket-7662-db2index-not-properly-evalauating-argume.patch" />
Looks good, seems like a simple fix. Thanks for this.
Metadata Update from @firstyear: - Custom field reviewstatus adjusted to ack (was: review)
683737b..46011e2 master -> master
f84cdfd..d518a45 389-ds-base-1.3.6 -> 389-ds-base-1.3.6
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/999
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: fixed)
Login to comment on this ticket.