Changing cyrus user can cause fatal error
Description
On a working system with cyrus plugin changed the cyrus admin user and after wards cannot access systems or users
Distribution Name and Version
Debian Stretch
FusionDirectory Version
1.21
Plugin with the defect
cyrus, mail or simpleplugin
PHP version used
7.0
Origin of php packages
Distribution packages
Steps to Reproduce
- Change in mail config attrib from mail to uid
- Change admin user in cyrus service under server in systems
- save and go back into systems or access users
Expected behavior:
fd will auth to to cyrus on server as new admin user (tested on saslauthd and cyradm)
Actual behavior:
When access users get this error Unknown element type specified!
When accessing Systems get this trace:
Fatal error: Uncaught NonExistingLdapNodeException: Could not open dn serviceCyrus in /usr/share/fusiondirectory/include/simpleplugin/class_simplePlugin.inc:232
Stack trace:
#0 /usr/share/fusiondirectory/include/simpleplugin/class_simpleService.inc(46): simplePlugin->__construct('serviceCyrus', NULL, NULL, false, Array)
#1 /usr/share/fusiondirectory/plugins/admin/systems/class_systemManagement.inc(287): simpleService->__construct('serviceCyrus')
#2 /usr/share/fusiondirectory/include/class_listing.inc(853): systemManagement::listServices(0, 'serviceCyrus', Array)
#3 /usr/share/fusiondirectory/include/class_listing.inc(761): listing->processElementFilter('column', 5, '%{filter:listSe...', Array, 0)
#4 /usr/share/fusiondirectory/include/class_listing.inc(418): listing->renderCell('column', 5, '%{filter:listSe...', Array, 0)
#5 /usr/share/fusiondirectory/include/simpleplugin/class_simpleManagement.inc(519): listing->render()
#6 /usr/share/fusiondirectory/include/simpleplugin/class_simpleManagement.inc(591): simpleManagement-> in /usr/share/fusiondirectory/include/simpleplugin/class_simplePlugin.inc on line 232
Reproduces how often:
Not 100% as it happened as I have made this change once before with success.
Additional Information
ldap of mail server:
version: 1
# Entry 1: cn=ctgw-3.ad.gibb.co.za,ou=servers,ou=systems,dc=ad,dc=gibb,dc...
dn: cn=ctgw-3.ad.gibb.co.za,ou=servers,ou=systems,dc=ad,dc=gibb,dc=co,dc=za
cn: ctgw-3.ad.gibb.co.za
description: Cyrus mail server
fdcyrusadmin: vmail
fdcyrusconnect: {ctgw-3.ad.gibb.co.za:143/notls/novalidate-cert}
fdcyruspassword: secret
fdcyrussieveserver: {ctgw-3.ad.gibb.co.za:4190/notls}
fdmode: unlocked
iphostnumber: 192.168.100.59
l: Cape Town
objectclass: fdServer
objectclass: ipHost
objectclass: ieee802Device
objectclass: fdCyrusServer
Config:
# LDIF Export for cn=config,ou=fusiondirectory,dc=ad,dc=gibb,dc=co,dc=za
# Server: CTGW-3 LDAP Server (127.0.0.1)
# Search Scope: base
# Search Filter: (objectClass=*)
# Total Entries: 1
#
# Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on March 27, 2018 1:14 pm
# Version: 1.2.2
version: 1
# Entry 1: cn=config,ou=fusiondirectory,dc=ad,dc=gibb,dc=co,dc=za
dn: cn=config,ou=fusiondirectory,dc=ad,dc=gibb,dc=co,dc=za
cn: config
fdaccountprimaryattribute: uid
fdaclrolerdn: ou=aclroles
fdacltabonobjects: FALSE
fdcasactivated: FALSE
fdcascontext: /cas
fdcashost: localhost
fdcasport: 443
fdcasservercacertpath: /etc/ssl/certs/ca.cert
fdcnpattern: %givenName% %sn%
fdcomponentrdn: ou=netdevices,ou=systems
fdcyrusdeletemailbox: TRUE
fdcyrususeslashes: TRUE
fddashboardexpiredaccountsdays: 15
fddashboardnumberofdigit: 3
fddashboardprefix: PC
fddebuglevel: 0
fddisplayerrors: FALSE
fddisplayhookoutput: FALSE
fdenablesnapshots: TRUE
fdencodings: ISO8859-1=ISO8859-1 (Latin 1)
fdencodings: ISO8859-2=ISO8859-2 (Latin 2)
fdencodings: ISO8859-3=ISO8859-3 (Latin 3)
fdencodings: ISO8859-4=ISO8859-4 (Latin 4)
fdencodings: ISO8859-5=ISO8859-5 (Latin 5)
fdencodings: cp850=CP850 (Europe)
fdforcepassworddefaulthash: FALSE
fdforcesaslpasswordask: FALSE
fdforcessl: FALSE
fdhandleexpiredaccounts: FALSE
fdhttpauthactivated: FALSE
fdhttpheaderauthactivated: FALSE
fdhttpheaderauthheadername: AUTH_USER
fdimaptimeout: 10
fdlanguage: en_US
fdldapsizelimit: 200
fdldapstats: FALSE
fdlistsummary: TRUE
fdlogging: TRUE
fdloginattribute: uid
fdmailattribute: uid
fdmailsharedprefix: shared
fdmobilephonerdn: ou=mobile,ou=systems
fdmodificationdetectionattribute: entryCSN
fdogrouprdn: ou=groups
fdpassworddefaulthash: ssha
fdpasswordrecoveryactivated: FALSE
fdpasswordrecoveryemail: to.be@chang.ed
fdpasswordrecoveryloginattribute: uid
fdpasswordrecoverymail2body:: SGVsbG8sCgpZb3VyIHBhc3N3b3JkIGhhcyBiZWVuIGNoYW
5nZWQuCllvdXIgbG9naW4gaXMgc3RpbGwgJXMu
fdpasswordrecoverymail2subject: [FusionDirectory] Password recovery successf
ul
fdpasswordrecoverymailbody:: SGVsbG8sCgpIZXJlIGlzIHlvdXIgaW5mb3JtYXRpb246IAo
gLSBMb2dpbiA6ICVzCiAtIExpbmsgOiAlcwoKVGhpcyBsaW5rIGlzIG9ubHkgdmFsaWQgZm9yID
EwIG1pbnV0ZXMu
fdpasswordrecoverymailsubject: [FusionDirectory] Password recovery link
fdpasswordrecoverysalt: SomethingSecretAndVeryLong
fdpasswordrecoveryusealternate: FALSE
fdpasswordrecoveryvalidity: 10
fdphonerdn: ou=phones,ou=systems
fdprinterrdn: ou=printers,ou=systems
fdrestrictrolemembers: FALSE
fdschemacheck: TRUE
fdserverrdn: ou=servers,ou=systems
fdsessionlifetime: 7200
fdsnapshotbase: ou=snapshots,dc=ad,dc=gibb,dc=co,dc=za
fdsplitpostaladdress: FALSE
fdsslcacertpath: /etc/ssl/certs/ca.cert
fdsslcertpath: /etc/ssl/certs/fd.cert
fdsslkeypath: /etc/ssl/private/fd.key
fdstrictnamingrules: TRUE
fdsystemrdn: ou=systems
fdterminalrdn: ou=terminals,ou=systems
fdtheme: breezy
fdtimezone: Africa/Johannesburg
fduserrdn: ou=people
fdwarnssl: TRUE
fdworkstationrdn: ou=workstations,ou=systems
fusionconfigmd5: 30f82a7e37c2ee0f6a52485bcd81181a
objectclass: fusionDirectoryConf
objectclass: fdDashboardPluginConf
objectclass: fusionDirectoryPluginsConf
objectclass: fdPasswordRecoveryConf
objectclass: fdMailPluginConf
objectclass: fdSystemsPluginConf