freeipa

Clone
Source Code
GIT

#1133 WebUI produces a 903 Internal Error when attempting to enumerate sudocmds
Closed: Fixed None Opened 13 years ago by jraquino.

Closed: Fixed
Reopen Issue

I can verify that 100 entries come back when utilizing the cli when performing an:
ipa sudocmd-find

But when browsing to the corresponding section of the WebUI, an error is thrown and no results return.

/var/log/http/error_log:

[Mon Mar 28 10:57:55 2011] [error] ipa: ERROR: non-public: ValueError: list.remove(x): x not in list
[Mon Mar 28 10:57:55 2011] [error] Traceback (most recent call last):
[Mon Mar 28 10:57:55 2011] [error]   File "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 217, in wsgi_execute
[Mon Mar 28 10:57:55 2011] [error]     result = self.Command[name](*args, **options)
[Mon Mar 28 10:57:55 2011] [error]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 422, in __call__
[Mon Mar 28 10:57:55 2011] [error]     ret = self.run(*args, **options)
[Mon Mar 28 10:57:55 2011] [error]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 728, in run
[Mon Mar 28 10:57:55 2011] [error]     return self.execute(*args, **options)
[Mon Mar 28 10:57:55 2011] [error]   File "/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py", line 1398, in execute
[Mon Mar 28 10:57:55 2011] [error]     size_limit=options.get('sizelimit', None)
[Mon Mar 28 10:57:55 2011] [error]   File "/usr/lib/python2.7/site-packages/ipalib/encoder.py", line 188, in new_f
[Mon Mar 28 10:57:55 2011] [error]     return f(*new_args, **kwargs)
[Mon Mar 28 10:57:55 2011] [error]   File "/usr/lib/python2.7/site-packages/ipalib/encoder.py", line 199, in new_f
[Mon Mar 28 10:57:55 2011] [error]     return args[0].decode(f(*args, **kwargs))
[Mon Mar 28 10:57:55 2011] [error]   File "/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line 597, in find_entries
[Mon Mar 28 10:57:55 2011] [error]     (direct, indirect) = self.get_memberof(r[0], memberof, time_limit=time_limit, size_limit=size_limit, normalize=normalize)
[Mon Mar 28 10:57:55 2011] [error]   File "/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line 1020, in get_memberof
[Mon Mar 28 10:57:55 2011] [error]     indirect.remove(r[0].lower())
[Mon Mar 28 10:57:55 2011] [error] ValueError: list.remove(x): x not in list

Part of this problem is due to the fact that FreeIPA allows for "*" to be present in search filters when performing an ipa sudocmd-find --all. This problem manifests on the cli as well.

"*" is an important character to use in sudocmd's since sudo allows for globbing.

A separate Ticket has been opened to address this: https://fedorahosted.org/freeipa/ticket/1140

I am working to produce a patch to address 1140, which in turn should resolve the webui/cli issue.

This error is addressed by the patch that addresses ticket: https://fedorahosted.org/freeipa/ticket/1139

This error has been manifesting because of static container searches in the ldap2.py member / memberof enumeration.

If error handling is desired for this exception, I suggest it be noted that this error occurs if there is a delta between the memberof list passed into this function and the results returned for verifying those memberships. (I.E. is suggests that the memberOf Plugin or referential integrity is some how broken.)

master: cc0e668

ipa-2-0: e71c5ae

Metadata Update from @jraquino:
- Issue assigned to rcritten
- Issue set to the milestone: FreeIPA 2.1 - 2011/08 (Final)
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
critical
None
None
None
None
defect
None
None
IPA
None
0
None
None
None
None
0
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.