
Bug#935080: slapcat used in gosa hook script gosa-modify-host



Package: debian-edu-config
Severity: important
Version: 2.10.67

Hi all,

the gosa-modify-host script utilizes slapcat to check LDAP for removed hosts:

```
www-data@tjener:~$ /usr/bin/sudo /usr/share/debian-edu-config/tools/gosa-modify-host && echo TRUE
+ slapcat
+ grep dell007.intern.
+ grep -q dhcp
+ kadmin.local delprinc host/dell007.intern..intern@INTERN
delete_principal: Principal does not exist while deleting principal "host/dell007.intern..intern@INTERN"
```

1.
The slapcat tool is an offline administration tool for LDAP and should not be used for day-to-day online tasks.

The part where it is used is about cleaning up the /etc/debian-edu/host-keytabs/ directory.

The better approach here is going over all files in that folder and doing an ldapsearch query for each host.

2.
Furthermore, this should not be done in gosa-modify-host, but in a separate CRON job that does not inflict on the execution time of the script.

3.
Last but not least, the loop over all slapcat'ed hosts aborts if some error occurs and thus ends in the middle of the run.

This needs some more love, I guess.

Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
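
The per-host lookup proposed in point 1, written so that a failed lookup does not abort the loop (point 3), as an added example that is not part of the original report or of debian-edu-config. Assumptions: keytab files are named `<fqdn>.keytab`, and the LDAP URI, base DN and search filter shown are placeholders to adapt to the site.

```shell
#!/bin/sh
# Added example: list keytabs whose host no longer has an LDAP entry.
# Assumptions (not from the bug report): files are named <fqdn>.keytab;
# LDAP_URI, LDAP_BASE and the (cn=...) filter are site-specific placeholders.
KEYTAB_DIR="${KEYTAB_DIR:-/etc/debian-edu/host-keytabs}"
LDAP_URI="${LDAP_URI:-ldapi:///}"
LDAP_BASE="${LDAP_BASE:-dc=example,dc=org}"

# Returns 0 if the host has an entry, 1 if it has none, 2 if the lookup failed.
host_in_ldap() {
    out=$(ldapsearch -x -LLL -H "$LDAP_URI" -b "$LDAP_BASE" "(cn=$1)" 1.1 2>/dev/null) || return 2
    printf '%s\n' "$out" | grep -q '^dn:' && return 0
    return 1
}

# Prints one stale keytab path per line; it never deletes anything itself.
find_stale_keytabs() {
    dir="${1:-$KEYTAB_DIR}"
    for f in "$dir"/*.keytab; do
        [ -e "$f" ] || continue            # empty directory: glob did not match
        host=$(basename "$f" .keytab)
        # The file name ends up in an LDAP filter: accept hostname characters only.
        case "$host" in
            ''|*[!A-Za-z0-9.-]*) echo "skip (bad name): $f" >&2; continue ;;
        esac
        rc=0
        host_in_ldap "$host" || rc=$?
        case "$rc" in
            0) ;;                          # still in LDAP: keep the keytab
            1) printf '%s\n' "$f" ;;       # no entry left: report as stale
            *) echo "skip (lookup failed): $host" >&2 ;;   # keep going
        esac
    done
    return 0
}
```

Calling `find_stale_keytabs` from a cron job, as point 2 suggests, keeps the lookups out of the hook's execution time; a host whose lookup fails is treated as unknown rather than removed.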
