#72 Persistent search doesn't handle object rename correctly
Closed: Fixed None Opened 9 years ago by pspacek.

LDAP moddn operation is not handled correctly if psearch is enabled.

LDIF:

dn: idnsName=test,idnsname=ee.localnet,cn=dns,dc=e,dc=org
changetype: moddn
newrdn: idnsName=test2
deleteoldrdn: 1
newsuperior: idnsname=ee.localnet,cn=dns,dc=e,dc=org

BIND log:

31-May-2012 14:47:45.359 psearch moddn change is not implemented
31-May-2012 14:47:45.359 psearch_update failed for idnsname=test2,idnsname=ee.localnet,cn=dns,dc=e,dc=org zone. Zone can be outdated, run `rndc reload`

LDAP MODDN and persistent search behaviour

Command necessary to watch persistent search events/results:

/usr/lib64/mozldap/ldapsearch -b 'cn=dns,dc=e,dc=org' '(objectClass=*)' -C PS:any

Initial DB content

version: 1

dn: cn=dns,dc=e,dc=org
objectClass: top
objectClass: nsContainer
cn: dns

dn: idnsname=zone.example,cn=dns,dc=e,dc=org
objectClass: idnsZone
objectClass: idnsRecord
objectClass: top
idnsName: zone.example
idnsSOAexpire: 666
idnsSOAminimum: 1
idnsSOAmName: nonexistent
idnsSOArefresh: 123
idnsSOAretry: 123
idnsSOArName: nonexistent
idnsSOAserial: 2012060388
idnsZoneActive: TRUE
idnsAllowDynUpdate: FALSE
idnsUpdatePolicy: grant E.EXAMPLE krb5-self * A;
nSRecord: unused-4-107.brq.redhat.com.
tXTRecord: zone.example

dn: idnsName=test,idnsname=zone.example,cn=dns,dc=e,dc=org
objectClass: top
objectClass: idnsRecord
idnsName: test
tXTRecord: test string

dn: cn=outside-dns-subtree,dc=e,dc=org
objectClass: top
objectClass: nsContainer
cn: outside-dns-subtree

In place object rename

Input:

dn: idnsname=test,idnsname=zone.example,cn=dns,dc=e,dc=org
changetype: moddn
newrdn: idnsname=test2
deleteoldrdn: 1
newsuperior: idnsname=zone.example,cn=dns,dc=e,dc=org

Persistent search result:

dn: idnsname=test2,idnsname=zone.example,cn=dns,dc=e,dc=org
persistentSearch-changeType: moddn
persistentSearch-previousDN: idnsname=test,idnsname=zone.example,cn=dns,dc=e,dc=org
objectClass: idnsRecord
objectClass: top
tXTRecord: test string
idnsName: test2

Move to ouside of cn=dns subtree

Input:

dn: idnsname=test,idnsname=zone.example,cn=dns,dc=e,dc=org
changetype: moddn
newrdn: idnsname=test
deleteoldrdn: 1
newsuperior: cn=outside-dns-subtree,dc=e,dc=org

Persistent search result:

Result is "nothing". Move outside subtree used in initial search base is not reported.

Accorting to http://tools.ietf.org/html/draft-ietf-ldapext-psearch-03#section-8.2 it is expected behaviour.


Move into cn=dns subtree

Input:

dn: idnsname=test,cn=outside-dns-subtree,dc=e,dc=org
changetype: moddn
newrdn: idnsname=test
deleteoldrdn: 1
newsuperior: idnsname=zone.example,cn=dns,dc=e,dc=org

Persistent search result:

dn: idnsname=test,idnsname=zone.example,cn=dns,dc=e,dc=org
persistentSearch-changeType: moddn
persistentSearch-previousDN: idnsname=test,cn=outside-dns-subtree,dc=e,dc=org
objectClass: top
objectClass: idnsRecord
tXTRecord: test string
idnsName: test

LDAP schema declares idnsName as single-valued attribute, so deleteoldrdn moddn argument should not be significant for us.

See [X.511]]([http://www.itu.int/rec/T-REC-X.511/|ITU) section "11.4.2 Modify DN arguments".

Metadata Update from @pspacek:
- Issue assigned to pspacek
- Issue set to the milestone: 3.0 IPA

5 years ago

Login to comment on this ticket.

Metadata