Your message dated Sat, 02 May 2020 12:18:24 +0000 with message-id <E1jUr68-0000iq-S8@fasolo.debian.org> and subject line Bug#935080: fixed in debian-edu-config 2.11.24 has caused the Debian Bug report #935080, regarding slapcat used in gosa hook script gosa-modify-host to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 935080: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935080 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: slapcat used in gosa hook script gosa-modify-host
- From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
- Date: Mon, 19 Aug 2019 08:30:37 +0000
- Message-id: <20190819083037.Horde.B2vO3Q0tcNFxZiYwmHs7RIb@mail.das-netzwerkteam.de>
Package: debian-edu-config Severity: important Version: 2.10.67 Hi all, the gosa-modify-host script utilizes slapcat to check LDAP for removed hosts: ```www-data@tjener:~$ /usr/bin/sudo /usr/share/debian-edu-config/tools/gosa-modify-host && echo TRUE+ slapcat + grep dell007.intern. + grep -q dhcp + kadmin.local delprinc host/dell007.intern..intern@INTERNdelete_principal: Principal does not exist while deleting principal "host/dell007.intern..intern@INTERN"``` 1.The slapcat tool is an offline administration tool for LDAP and should not be used for day-to-day online tasks.The part where it is used is about cleaning up the /etc/debian-edu/host-keytabs/ directory.The better approach here is going over all files in that folder and doing an ldapsearch query for each host.2.Furthermore, this should not be done in gosa-modify-host, but in a separate CRON job that does not inflict on the execution time of the script.3.Last but not least, the loop over all slapcat'ed hosts aborts if some error occurs and thus ends in the middle of the run.This needs some more love, I guess. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.deAttachment: pgpVXjUBuvSIS.pgp
Description: Digitale PGP-Signatur
--- End Message ---
--- Begin Message ---
- To: 935080-close@bugs.debian.org
- Subject: Bug#935080: fixed in debian-edu-config 2.11.24
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 02 May 2020 12:18:24 +0000
- Message-id: <E1jUr68-0000iq-S8@fasolo.debian.org>
- Reply-to: Holger Levsen <holger@debian.org>
Source: debian-edu-config Source-Version: 2.11.24 Done: Holger Levsen <holger@debian.org> We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 935080@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Holger Levsen <holger@debian.org> (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 02 May 2020 13:38:52 +0200 Source: debian-edu-config Architecture: source Version: 2.11.24 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers <debian-edu@lists.debian.org> Changed-By: Holger Levsen <holger@debian.org> Closes: 935080 Changes: debian-edu-config (2.11.24) unstable; urgency=medium . [ Mike Gabriel ] * share/debian-edu-config/tools/clean-up-host-keytabs: Add script. Move host keytabs cleanup code out of gosa-modify-host into a standalone script, but still call it from there (for now). Major script improvement: Reduce LDAP calls to a single ldapsearch query which greatly improves the execution speed of the code. (Closes: #935080). Checksums-Sha1: 2ddb1a2284ebbe6d04e4ab0a6b67c26b6c6e9149 1923 debian-edu-config_2.11.24.dsc 079509f5671aee199d2f21e0babb4b07239db3c3 344148 debian-edu-config_2.11.24.tar.xz 1533b50774922019a7a429ad02730d4bf324cb7c 5325 debian-edu-config_2.11.24_source.buildinfo Checksums-Sha256: 192a6cb85e0e95da9e42c7f67e8ddb3c3d9a1a2e9bac59f17f42449430cc3612 1923 debian-edu-config_2.11.24.dsc 98a8921ee77ab1f07958bc5286630a58b4bc3424b8010bcc442c2a74ec5149f6 344148 debian-edu-config_2.11.24.tar.xz ad1dbcd46f1aff0fecf4f883adb57fc3be1cb4718c9397f0119a71369b0191b1 5325 debian-edu-config_2.11.24_source.buildinfo Files: 13ad7081aaaa3c5fbbe34f11ec9da9b3 1923 misc optional debian-edu-config_2.11.24.dsc 7c893c0da037e1136578564554931e02 344148 misc optional debian-edu-config_2.11.24.tar.xz 98d3f5b347708b70157de1e424f9fedd 5325 misc optional debian-edu-config_2.11.24_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEuL9UE3sJ01zwJv6dCRq4VgaaqhwFAl6tYBgACgkQCRq4Vgaa qhztsw/+I+3OP4YoOE1ucGxt0wuh0vlfNBQVD7VUSYftp63vuTBYBehV+2Q6A21A TWpP/+t5zRC4eGDNMDTxK4EVedfydurKJRzP5MNDTbRuowGNKPjju9mCmm23F92Y FvAhy7J7saU2cD0CF+sadRvBdX2DQDc6Sy6zaUEfJMWmeLfUenSRNsF4OfSv1zaT Up2rVDxjpy8tonFjrEC1pfHnWxo7jPG590q1/6XwHzwC/m5vRHuVO/rs39u93/Fi iDCuuSAbwW90/WoJovd2DGny9aYG40J5Ol9iNlmi5cFm93jOQFEQSdGaKof6004/ lcoMlye1f02mOhJhLm4pGZa14r8Dl+bmwfTSEOhaylGZlEPuyx7D9RCk3cslIZOj tW9b1IBSWxcQQCylH3JYpNQ/VBdN/EZ6pKPXXc3RtPMiIfZnMcGPvt9SdLUhs9gr p9bCtbPtIuhSSrobTyXcjl2HTtiSkpa9/vtmgOuT1Yf9qX5h0RVU4BUBfMHjeas/ F/paknUn28GJlHH4Rf0YLtBMg83pz+TnJ/ma7k/e4TK8OvRi4DXBVjKKcseO/hMW oU/uHst80amkivoZBAqOjFGVvUpcAmhXTFOhjBaoSj5i8iM4kJYQ3wDsIuOa+hwY bEiDrVt/jp5z8WMcQir7ODZOs5ilU2KMKMtxU+OwdR3rv3sPej0= =WW2R -----END PGP SIGNATURE-----
--- End Message ---