OpenStack Identity (keystone)

Update Object on LDAP module breaks if there is no update

Bug #1117362 reported by Jose Castro Leon
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
Undecided
Jose Castro Leon
OpenStack Identity (keystone) 2013.1 "grizzly"

Bug Description

When doing an update of an existing tenant with the same values stored on LDAP (it's done on horizon while modifying a tenant) it crashes on LDAP server. You can see in the debug trace than the update_s is done with an empty modlist.
This operation can not be done on Active Directory servers as backend.

2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] ******************** REQUEST ENVIRON ********************
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] SCRIPT_NAME = /v2.0
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] webob.adhoc_attrs = {'response': <Response at 0x2c69c90 200 OK>}
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] REQUEST_METHOD = POST
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] PATH_INFO = /tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] SERVER_PROTOCOL = HTTP/1.0
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] CONTENT_LENGTH = 149
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] HTTP_X_AUTH_TOKEN = keystone_admin_token
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] HTTP_USER_AGENT = python-keystoneclient
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] eventlet.posthooks = []
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] RAW_PATH_INFO = /v2.0//tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] REMOTE_ADDR = 128.142.34.211
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] eventlet.input = <eventlet.wsgi.Input object at 0x2c5df90>
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] wsgi.url_scheme = https
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] SERVER_PORT = 35357
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] wsgi.input = <cStringIO.StringI object at 0x1cf01b0>
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] openstack.context = {'token_id': '*******', 'is_admin': True}
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] HTTP_HOST = lxbrf17b01.cern.ch:35357
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] HTTPS = on
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] wsgi.multithread = True
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] openstack.params = {u'tenant': {u'enabled': True, u'description': u'Private Project for user jcastro', u'name': u'jcastro Private', u'id': u'77e43eef529e46278db52ef2d496850b'}}
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] wsgi.version = (1, 0)
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] SERVER_NAME = 128.142.34.211
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] GATEWAY_INTERFACE = CGI/1.1
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] wsgi.run_once = False
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] wsgi.errors = <open file '<stderr>', mode 'w' at 0x7f41081241e0>
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] wsgi.multiprocess = False
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] webob.is_body_seekable = True
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] CONTENT_TYPE = application/json
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] HTTP_ACCEPT_ENCODING = gzip, deflate
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi]
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] ******************** REQUEST BODY ********************
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] {"tenant": {"description": "Private Project for user jcastro", "enabled": true, "id": "77e43eef529e46278db52ef2d496850b", "name": "jcastro Private"}}
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi]
2013-02-06 15:10:13 DEBUG [routes.middleware] Matched POST /tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:10:13 DEBUG [routes.middleware] Route path: '{path_info:.*}', defaults: {'controller': <keystone.contrib.ec2.core.Ec2Extension object at 0x2ab3c10>}
2013-02-06 15:10:13 DEBUG [routes.middleware] Match dict: {'controller': <keystone.contrib.ec2.core.Ec2Extension object at 0x2ab3c10>, 'path_info': '/tenants/77e43eef529e46278db52ef2d496850b'}
2013-02-06 15:10:13 DEBUG [routes.middleware] Matched POST /tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:10:13 DEBUG [routes.middleware] Route path: '{path_info:.*}', defaults: {'controller': <keystone.contrib.s3.core.S3Extension object at 0x2aaa8d0>}
2013-02-06 15:10:13 DEBUG [routes.middleware] Match dict: {'controller': <keystone.contrib.s3.core.S3Extension object at 0x2aaa8d0>, 'path_info': '/tenants/77e43eef529e46278db52ef2d496850b'}
2013-02-06 15:10:13 DEBUG [routes.middleware] Matched POST /tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:10:13 DEBUG [routes.middleware] Route path: '{path_info:.*}', defaults: {'controller': <keystone.contrib.admin_crud.core.CrudExtension object at 0x2aa36d0>}
2013-02-06 15:10:13 DEBUG [routes.middleware] Match dict: {'controller': <keystone.contrib.admin_crud.core.CrudExtension object at 0x2aa36d0>, 'path_info': '/tenants/77e43eef529e46278db52ef2d496850b'}
2013-02-06 15:10:13 DEBUG [routes.middleware] Matched POST /tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:10:13 DEBUG [routes.middleware] Route path: '/tenants/{tenant_id}', defaults: {'action': u'update_tenant', 'controller': <keystone.identity.core.TenantController object at 0x2b2dcd0>}
2013-02-06 15:10:13 DEBUG [routes.middleware] Match dict: {'action': u'update_tenant', 'tenant_id': u'77e43eef529e46278db52ef2d496850b', 'controller': <keystone.identity.core.TenantController object at 0x2b2dcd0>}
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] arg_dict: {'tenant_id': u'77e43eef529e46278db52ef2d496850b'}
2013-02-06 15:10:13 DEBUG [keystone.common.ldap.core] LDAP init: url=ldaps://cerndc.cern.ch
2013-02-06 15:10:13 DEBUG [keystone.common.ldap.core] LDAP bind: dn=CN=svckeyad,OU=Users,OU=Organic Units,DC=cern,DC=ch
2013-02-06 15:10:13 DEBUG [keystone.common.ldap.core] LDAP search: dn=cn=77e43eef529e46278db52ef2d496850b,OU=Tenants,OU=Agile,DC=cern,DC=ch, scope=0, query=(objectClass=groupOfNames), attrs=['cn', 'extensionName', 'ou', 'description']
2013-02-06 15:10:13 DEBUG [keystone.common.ldap.core] LDAP init: url=*******
2013-02-06 15:10:13 DEBUG [keystone.common.ldap.core] LDAP bind: *******
2013-02-06 15:10:13 DEBUG [keystone.common.ldap.core] LDAP modify: dn=cn=77e43eef529e46278db52ef2d496850b,OU=Tenants,OU=Agile,DC=cern,DC=ch, modlist=[]
2013-02-06 15:10:13 ERROR [root] {'info': '00000057: LdapErr: DSID-0C090B73, comment: Error in attribute conversion operation, data 0, v1772', 'desc': 'Server is unwilling to perform'}
Traceback (most recent call last):
  File "/usr/lib/python2.6/site-packages/keystone/common/wsgi.py", line 204, in __call__
    result = method(context, **params)
  File "/usr/lib/python2.6/site-packages/keystone/identity/core.py", line 405, in update_tenant
    context, tenant_id, tenant)
  File "/usr/lib/python2.6/site-packages/keystone/common/manager.py", line 47, in _wrapper
    return f(*args, **kw)
  File "/usr/lib/python2.6/site-packages/keystone/identity/backends/ldap/core.py", line 224, in update_tenant
    return self.tenant.update(tenant_id, tenant)
  File "/usr/lib/python2.6/site-packages/keystone/identity/backends/ldap/core.py", line 623, in update
    return super(TenantApi, self).update(id, values, old_obj)
  File "/usr/lib/python2.6/site-packages/keystone/common/ldap/core.py", line 326, in update
    conn.modify_s(self._id_to_dn(id), modlist)
  File "/usr/lib/python2.6/site-packages/keystone/common/ldap/core.py", line 433, in modify_s
    return self.conn.modify_s(dn, ldap_modlist)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 336, in modify_s
    return self.result(msgid,all=1,timeout=self.timeout)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 436, in result
    res_type,res_data,res_msgid = self.result2(msgid,all,timeout)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 440, in result2
    res_type, res_data, res_msgid, srv_ctrls = self.result3(msgid,all,timeout)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 446, in result3
    ldap_result = self._ldap_call(self._l.result3,msgid,all,timeout)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 96, in _ldap_call
    result = func(*args,**kwargs)
UNWILLING_TO_PERFORM: {'info': '00000057: LdapErr: DSID-0C090B73, comment: Error in attribute conversion operation, data 0, v1772', 'desc': 'Server is unwilling to perform'}
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] ******************** RESPONSE HEADERS ********************
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] Vary = X-Auth-Token
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] Content-Type = application/json
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] Content-Length = 295
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi]
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] ******************** RESPONSE BODY ********************
2013-02-06 15:10:13 DEBUG [keystone.common.wsgi] {"error": {"message": "An unexpected error prevented the server from fulfilling your request. {'info': '00000057: LdapErr: DSID-0C090B73, comment: Error in attribute conversion operation, data 0, v1772', 'desc': 'Server is unwilling to perform'}", "code": 500, "title": "Internal Server Error"}}
2013-02-06 15:10:13 DEBUG [eventlet.wsgi.server] 128.142.34.211 - - [06/Feb/2013 15:10:13] "POST /v2.0//tenants/77e43eef529e46278db52ef2d496850b HTTP/1.1" 500 443 0.037246

Jose Castro Leon (jose-castro-leon)
Changed in keystone:
assignee: nobody → Jose Castro Leon (jose-castro-leon)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/21322

Changed in keystone:
status: New → In Progress
Revision history for this message
Jose Castro Leon (jose-castro-leon) wrote : Re: Tenant update on LDAP module breaks if no updates

It could be also applied to any object in LDAP (Users, Projects, Roles and Groups)

summary: - Tenant update on LDAP module breaks if no updates
+ Update Object on LDAP module breaks if there is no update
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/21322
Committed: http://github.com/openstack/keystone/commit/2930a289773c8c6124971bed66216db91d48c70d
Submitter: Jenkins
Branch: master

commit 2930a289773c8c6124971bed66216db91d48c70d
Author: Jose Castro Leon <email address hidden>
Date: Wed Feb 6 16:36:15 2013 +0100

    Tenant update on LDAP breaks if there is no update to apply

    Fixes bug 1117362

    Change-Id: Ia47f8a7cd38dcaaceafed39cbdd837ba9a67969f

Changed in keystone:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in keystone:
milestone: none → grizzly-3
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in keystone:
milestone: grizzly-3 → 2013.1
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.