Fix some issues

Fix dsidm role subtree-status fails with TypeError Fix name cockpit_present is not defined. Fix typo Fix DirSrv has no attribute userid (cherry picked from commit 3cd6c638f27dd1fbb7d76e7cf6fa1383be0561ee)
2024-11-27 16:01:41 +08:00 · 2024-11-27 16:01:41 +08:00 · 43c4fe3d7b
commit 43c4fe3d7b
parent f29d5af74f
5 changed files with 147 additions and 1 deletions
--- a/389-ds-base.spec
+++ b/389-ds-base.spec
@ -6,7 +6,7 @@ ExcludeArch:   i686
 Name:          389-ds-base
 Summary:       Base 389 Directory Server
 Version:       1.4.3.36
-Release:       7
+Release:       8
 License:       GPLv3+
 URL:           https://www.port389.org
 Source0:       https://github.com/389ds/389-ds-base/archive/refs/tags/389-ds-base-%{version}.tar.gz
@ -22,6 +22,10 @@ Patch4:        CVE-2024-2199.patch
 Patch5:        CVE-2024-3657.patch
 Patch6:        CVE-2022-1949-Fix-ACI-bypass-in-shortcut-filter-condition.patch
 Patch7:        CVE-2024-5953.patch
+Patch8:        remove-where-cockpit_present-is-called.patch
+Patch9:        fix-dsidm-role-subtree-status-fails-with-TypeError.patch
+Patch10:       fix-typo.patch
+Patch11:       backport-Issue-5142-CLI-dsctl-dbgen-is-broken.patch

 BuildRequires: nspr-devel nss-devel >= 3.34 perl-generators openldap-devel libdb-devel cyrus-sasl-devel icu
 BuildRequires: libicu-devel pcre-devel cracklib-devel gcc-c++ net-snmp-devel lm_sensors-devel bzip2-devel
@ -384,6 +388,12 @@ exit 0
 %{_mandir}/*/*

 %changelog
+* Wed Nov 27 2024 wangkai <13474090681@163.com> - 1.4.3.36-8
+- Fix dsidm role subtree-status fails with TypeError
+- Fix name cockpit_present is not defined.
+- Fix typo
+- Fix DirSrv has no attribute userid
+
 * Thu Sep 12 2024 wangkai <13474090681@163.com> - 1.4.3.36-7
 - Fix CVE-2022-1949,CVE-2024-5953

--- a/backport-Issue-5142-CLI-dsctl-dbgen-is-broken.patch
+++ b/backport-Issue-5142-CLI-dsctl-dbgen-is-broken.patch
@ -0,0 +1,40 @@
+From ba7ad9a4f7d1509fa201d39099af342bbaf67aaf Mon Sep 17 00:00:00 2001
+From: Mark Reynolds <mreynolds@redhat.com>
+Date: Thu, 3 Feb 2022 16:06:07 -0500
+Subject: [PATCH] Issue 5142 - CLI - dsctl dbgen is broken
+
+Description:
+
+Changes to dsctl broke dbgen which requires instance.userid to
+set the permissions of the ldif file. It occurred when we added:
+local_simple_allocate(). The fix is add userid in this allocate
+function.
+
+relates: https://github.com/389ds/389-ds-base/issues/5142
+
+Reviewed by: progier(Thanks!)
+---
+ src/lib389/lib389/__init__.py | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib389/lib389/__init__.py b/src/lib389/lib389/__init__.py
+index 78430d720e..b8ca7685f5 100644
+--- a/src/lib389/lib389/__init__.py
+++ b/src/lib389/lib389/__init__.py
+@@ -446,6 +446,7 @@ def local_simple_allocate(self, serverid, ldapuri=None, binddn='cn=Directory Man
+         self.isLocal = True
+         self.ds_paths = Paths(serverid, instance=self, local=self.isLocal)
+         self.serverid = serverid
+        self.userid = self.ds_paths.user
+ 
+         # Do we have ldapi settings?
+         self.ldapi_enabled = None
+@@ -547,7 +548,7 @@ def allocate(self, args):
+             self.host = ldapuri_parsed.hostname
+             try:
+                 self.port = ldapuri_parsed.port
+-            except ValueError as e:
+            except ValueError:
+                 self.port = DEFAULT_PORT
+         else:
+             self.host = args.get(SER_HOST, socket.gethostname())
--- a/fix-dsidm-role-subtree-status-fails-with-TypeError.patch
+++ b/fix-dsidm-role-subtree-status-fails-with-TypeError.patch
@ -0,0 +1,11 @@
+--- 389-ds-base-3.1.1/src/lib389/lib389/cli_idm/role.py	2024-11-26 14:12:42.805280521 +0800
+++ 389-ds-base-3.1.1/src/lib389/lib389/cli_idm/role.py	2024-11-26 14:13:08.157340335 +0800
+@@ -109,7 +109,7 @@
+     filter = ""
+     scope = ldap.SCOPE_SUBTREE
+ 
+-    role_list = Roles(inst, basedn).filter(filter, scope)
+    role_list = Roles(inst, basedn).filter(filter, scope=scope)
+     if not role_list:
+         raise ValueError(f"No entries were found under {basedn} or the user doesn't have an access")
+ 
--- a/fix-typo.patch
+++ b/fix-typo.patch
@ -0,0 +1,38 @@
+diff --git a/src/lib389/lib389/cli_conf/backend.py b/src/lib389/lib389/cli_conf/backend.py
+index 5bcc098..1a02e20 100644
+--- a/src/lib389/lib389/cli_conf/backend.py
+++ b/src/lib389/lib389/cli_conf/backend.py
+@@ -217,7 +217,7 @@ def backend_create(inst, basedn, log, args):
+             # Unsupported rdn
+             raise ValueError("Suffix RDN is not supported for creating suffix object.  Only 'dc', 'o', 'ou', and 'cn' are supported.")
+ 
+-    log.info("The database was sucessfully created")
+    log.info("The database was successfully created")
+ 
+ 
+ def _recursively_del_backends(be):
+@@ -244,7 +244,7 @@ def backend_delete(inst, basedn, log, args, warn=True):
+     _recursively_del_backends(be)
+     be.delete()
+ 
+-    log.info("The database, and any sub-suffixes, were sucessfully deleted")
+    log.info("The database, and any sub-suffixes, were successfully deleted")
+ 
+ 
+ def backend_import(inst, basedn, log, args):
+diff --git a/src/lib389/lib389/config.py b/src/lib389/lib389/config.py
+index 00d3846..91b1cf5 100644
+--- a/src/lib389/lib389/config.py
+++ b/src/lib389/lib389/config.py
+@@ -291,7 +291,7 @@ class Encryption(DSLdapObject):
+         :type ciphers: list of str
+         """
+         self.set('nsSSL3Ciphers', ','.join(ciphers))
+-        self._log.info('Remeber to restart the server to apply the new cipher set.')
+        self._log.info('Remember to restart the server to apply the new cipher set.')
+         self._log.info('Some ciphers may be disabled anyway due to allowWeakCipher attribute.')
+ 
+     def _get_listed_ciphers(self, attr):
+-- 
+2.33.0
+
--- a/remove-where-cockpit_present-is-called.patch
+++ b/remove-where-cockpit_present-is-called.patch
@ -0,0 +1,47 @@
+From d1f5ab91be74f0c599e619d2ffbf5aa59d389e7c Mon Sep 17 00:00:00 2001
+From: cherry530 <707078654@qq.com>
+Date: Mon, 25 Nov 2024 15:38:27 +0800
+Subject: [PATCH] Remove where cockpit_present is called
+
+Signed-off-by: cherry530 <707078654@qq.com>
+---
+ src/lib389/lib389/cli_ctl/cockpit.py | 9 ---------
+ 1 file changed, 9 deletions(-)
+
+diff --git a/src/lib389/lib389/cli_ctl/cockpit.py b/src/lib389/lib389/cli_ctl/cockpit.py
+index afc7247..13a3eae 100644
+--- a/src/lib389/lib389/cli_ctl/cockpit.py
+++ b/src/lib389/lib389/cli_ctl/cockpit.py
+@@ -27,9 +27,6 @@ def open_firewall(inst, log, args):
+     """
+     Open the firewall for Cockpit service
+     """
+-    if not cockpit_present():
+-        raise ValueError("The 'cockpit' package is not installed on this system")
+-
+     OPEN_CMD = ['sudo', 'firewall-cmd', '--add-service=cockpit', '--permanent']
+     if args.zone is not None:
+         OPEN_CMD.append(f' --zone={args.zone}')
+@@ -43,9 +40,6 @@ def disable_cockpit(inst, log, args):
+     """
+     Disable Cockpit socket
+     """
+-    if not cockpit_present():
+-        raise ValueError("The 'cockpit' package is not installed on this system")
+-
+     DISABLE_CMD = ['sudo', 'systemctl', 'disable', '--now', 'cockpit.socket']
+     try:
+         subprocess.run(DISABLE_CMD)
+@@ -57,9 +51,6 @@ def close_firewall(inst, log, args):
+     """
+     Close firewall for Cockpit service
+     """
+-    if not cockpit_present():
+-        raise ValueError("The 'cockpit' package is not installed on this system")
+-
+     CLOSE_CMD = ['sudo', 'firewall-cmd', '--remove-service=cockpit', '--permanent']
+     try:
+         subprocess.run(CLOSE_CMD)
+-- 
+2.43.0
+