packages/three-eight-nine-ds-base
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix some issues

Browse Source 
Fix dsidm role subtree-status fails with TypeError
Fix name cockpit_present is not defined.
Fix typo
Fix DirSrv has no attribute userid

(cherry picked from commit 3cd6c638f27dd1fbb7d76e7cf6fa1383be0561ee)
This commit is contained in:
wk333 2024-11-27 16:01:41 +08:00 committed by openeuler-sync-bot
parent f29d5af74f
commit 43c4fe3d7b
5 changed files with 147 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
389-ds-base.spec
View File

@ -6,7 +6,7 @@ ExcludeArch: i686
Name: 389-ds-base Name: 389-ds-base
Summary: Base 389 Directory Server Summary: Base 389 Directory Server
Version: 1.4.3.36 Version: 1.4.3.36
Release: 7 Release: 8
License: GPLv3+ License: GPLv3+
URL: https://www.port389.org URL: https://www.port389.org
Source0: https://github.com/389ds/389-ds-base/archive/refs/tags/389-ds-base-%{version}.tar.gz Source0: https://github.com/389ds/389-ds-base/archive/refs/tags/389-ds-base-%{version}.tar.gz
@ -22,6 +22,10 @@ Patch4: CVE-2024-2199.patch
Patch5: CVE-2024-3657.patch Patch5: CVE-2024-3657.patch
Patch6: CVE-2022-1949-Fix-ACI-bypass-in-shortcut-filter-condition.patch Patch6: CVE-2022-1949-Fix-ACI-bypass-in-shortcut-filter-condition.patch
Patch7: CVE-2024-5953.patch Patch7: CVE-2024-5953.patch
Patch8: remove-where-cockpit_present-is-called.patch
Patch9: fix-dsidm-role-subtree-status-fails-with-TypeError.patch
Patch10: fix-typo.patch
Patch11: backport-Issue-5142-CLI-dsctl-dbgen-is-broken.patch
BuildRequires: nspr-devel nss-devel >= 3.34 perl-generators openldap-devel libdb-devel cyrus-sasl-devel icu BuildRequires: nspr-devel nss-devel >= 3.34 perl-generators openldap-devel libdb-devel cyrus-sasl-devel icu
BuildRequires: libicu-devel pcre-devel cracklib-devel gcc-c++ net-snmp-devel lm_sensors-devel bzip2-devel BuildRequires: libicu-devel pcre-devel cracklib-devel gcc-c++ net-snmp-devel lm_sensors-devel bzip2-devel
@ -384,6 +388,12 @@ exit 0
%{_mandir}/*/* %{_mandir}/*/*
%changelog %changelog
* Wed Nov 27 2024 wangkai <13474090681@163.com> - 1.4.3.36-8
- Fix dsidm role subtree-status fails with TypeError
- Fix name cockpit_present is not defined.
- Fix typo
- Fix DirSrv has no attribute userid
* Thu Sep 12 2024 wangkai <13474090681@163.com> - 1.4.3.36-7 * Thu Sep 12 2024 wangkai <13474090681@163.com> - 1.4.3.36-7
- Fix CVE-2022-1949,CVE-2024-5953 - Fix CVE-2022-1949,CVE-2024-5953

40
backport-Issue-5142-CLI-dsctl-dbgen-is-broken.patch Normal file
View File

@ -0,0 +1,40 @@
From ba7ad9a4f7d1509fa201d39099af342bbaf67aaf Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Thu, 3 Feb 2022 16:06:07 -0500
Subject: [PATCH] Issue 5142 - CLI - dsctl dbgen is broken
Description:
Changes to dsctl broke dbgen which requires instance.userid to
set the permissions of the ldif file. It occurred when we added:
local_simple_allocate(). The fix is add userid in this allocate
function.
relates: https://github.com/389ds/389-ds-base/issues/5142
Reviewed by: progier(Thanks!)
---
src/lib389/lib389/__init__.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/lib389/lib389/__init__.py b/src/lib389/lib389/__init__.py
index 78430d720e..b8ca7685f5 100644
--- a/src/lib389/lib389/__init__.py
+++ b/src/lib389/lib389/__init__.py
@@ -446,6 +446,7 @@ def local_simple_allocate(self, serverid, ldapuri=None, binddn='cn=Directory Man
self.isLocal = True
self.ds_paths = Paths(serverid, instance=self, local=self.isLocal)
self.serverid = serverid
+ self.userid = self.ds_paths.user
# Do we have ldapi settings?
self.ldapi_enabled = None
@@ -547,7 +548,7 @@ def allocate(self, args):
self.host = ldapuri_parsed.hostname
try:
self.port = ldapuri_parsed.port
- except ValueError as e:
+ except ValueError:
self.port = DEFAULT_PORT
else:
self.host = args.get(SER_HOST, socket.gethostname())

11
fix-dsidm-role-subtree-status-fails-with-TypeError.patch Normal file
View File

@ -0,0 +1,11 @@
--- 389-ds-base-3.1.1/src/lib389/lib389/cli_idm/role.py 2024-11-26 14:12:42.805280521 +0800
+++ 389-ds-base-3.1.1/src/lib389/lib389/cli_idm/role.py 2024-11-26 14:13:08.157340335 +0800
@@ -109,7 +109,7 @@
filter = ""
scope = ldap.SCOPE_SUBTREE
- role_list = Roles(inst, basedn).filter(filter, scope)
+ role_list = Roles(inst, basedn).filter(filter, scope=scope)
if not role_list:
raise ValueError(f"No entries were found under {basedn} or the user doesn't have an access")

38
fix-typo.patch Normal file
View File

@ -0,0 +1,38 @@
diff --git a/src/lib389/lib389/cli_conf/backend.py b/src/lib389/lib389/cli_conf/backend.py
index 5bcc098..1a02e20 100644
--- a/src/lib389/lib389/cli_conf/backend.py
+++ b/src/lib389/lib389/cli_conf/backend.py
@@ -217,7 +217,7 @@ def backend_create(inst, basedn, log, args):
# Unsupported rdn
raise ValueError("Suffix RDN is not supported for creating suffix object. Only 'dc', 'o', 'ou', and 'cn' are supported.")
- log.info("The database was sucessfully created")
+ log.info("The database was successfully created")
def _recursively_del_backends(be):
@@ -244,7 +244,7 @@ def backend_delete(inst, basedn, log, args, warn=True):
_recursively_del_backends(be)
be.delete()
- log.info("The database, and any sub-suffixes, were sucessfully deleted")
+ log.info("The database, and any sub-suffixes, were successfully deleted")
def backend_import(inst, basedn, log, args):
diff --git a/src/lib389/lib389/config.py b/src/lib389/lib389/config.py
index 00d3846..91b1cf5 100644
--- a/src/lib389/lib389/config.py
+++ b/src/lib389/lib389/config.py
@@ -291,7 +291,7 @@ class Encryption(DSLdapObject):
:type ciphers: list of str
"""
self.set('nsSSL3Ciphers', ','.join(ciphers))
- self._log.info('Remeber to restart the server to apply the new cipher set.')
+ self._log.info('Remember to restart the server to apply the new cipher set.')
self._log.info('Some ciphers may be disabled anyway due to allowWeakCipher attribute.')
def _get_listed_ciphers(self, attr):
--
2.33.0

47
remove-where-cockpit_present-is-called.patch Normal file
View File

@ -0,0 +1,47 @@
From d1f5ab91be74f0c599e619d2ffbf5aa59d389e7c Mon Sep 17 00:00:00 2001
From: cherry530 <707078654@qq.com>
Date: Mon, 25 Nov 2024 15:38:27 +0800
Subject: [PATCH] Remove where cockpit_present is called
Signed-off-by: cherry530 <707078654@qq.com>
---
src/lib389/lib389/cli_ctl/cockpit.py | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/src/lib389/lib389/cli_ctl/cockpit.py b/src/lib389/lib389/cli_ctl/cockpit.py
index afc7247..13a3eae 100644
--- a/src/lib389/lib389/cli_ctl/cockpit.py
+++ b/src/lib389/lib389/cli_ctl/cockpit.py
@@ -27,9 +27,6 @@ def open_firewall(inst, log, args):
"""
Open the firewall for Cockpit service
"""
- if not cockpit_present():
- raise ValueError("The 'cockpit' package is not installed on this system")
-
OPEN_CMD = ['sudo', 'firewall-cmd', '--add-service=cockpit', '--permanent']
if args.zone is not None:
OPEN_CMD.append(f' --zone={args.zone}')
@@ -43,9 +40,6 @@ def disable_cockpit(inst, log, args):
"""
Disable Cockpit socket
"""
- if not cockpit_present():
- raise ValueError("The 'cockpit' package is not installed on this system")
-
DISABLE_CMD = ['sudo', 'systemctl', 'disable', '--now', 'cockpit.socket']
try:
subprocess.run(DISABLE_CMD)
@@ -57,9 +51,6 @@ def close_firewall(inst, log, args):
"""
Close firewall for Cockpit service
"""
- if not cockpit_present():
- raise ValueError("The 'cockpit' package is not installed on this system")
-
CLOSE_CMD = ['sudo', 'firewall-cmd', '--remove-service=cockpit', '--permanent']
try:
subprocess.run(CLOSE_CMD)
--
2.43.0