** Description changed:
[ Impact ]
The samba-tool gpo commands crash because the python code is using a
method that was removed the python version available in noble. This
crash prevents the use and management of group policy objects in a samba
active directory controller.
[ Test Plan ]
Since this is a plain "method has no attribute foo" error, I tried a
reproducer that didn't involve deploying a samba active directory
controller, but didn't find a way.
So the test plan is as follows:
- deploy samba active directory controller in noble. Here[1] is a how-to
guide.
- - run these commands:
- sudo samba-tool gpo admxload -U Administrator
- sudo samba-tool gpo create testgpo -U Administrator
-
- - run this command, and take note of the testgpo UUID you get in the
- output (that's the GPO field):
-
- samba-tool gpo listall -U Administrator | grep -B1 testgpo
-
- Example:
-
- sudo samba-tool gpo listall -U Administrator | grep -B1 testgpo
- GPO : {B5BD8D04-3729-4561-B5B2-7D86B7242721}
- display name : testgpo
-
- - now we run the actual test command, using the UUID from the output
- above:
+ - run the test command, using the default UUID for the Default Domain Policy
sudo samba-tool gpo manage motd set
- {B5BD8D04-3729-4561-B5B2-7D86B7242721} "Welcome" -U Administrator
+ {31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator
- without the fix, that will crash with a python backtrace:
-
- $ sudo samba-tool gpo manage motd set
- {31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
Password for [EXAMPLE\Administrator]:
ERROR(<class 'AttributeError'>): uncaught exception - 'ConfigParser' object
has no attribute 'readfp'
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 279,
in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3838, in run
reg.increment_gpt_ini(machine_changed=True)
File "/usr/lib/python3/dist-packages/samba/policies.py", line 177, in
increment_gpt_ini
parser.parse(data)
File "/usr/lib/python3/dist-packages/samba/gp_parse/gp_ini.py", line 112,
in parse
super(GPTIniParser, self).parse(contents)
File "/usr/lib/python3/dist-packages/samba/gp_parse/gp_ini.py", line 41, in
parse
self.ini_conf.readfp(StringIO(contents.decode(self.encoding)))
^^^^^^^^^^^^^^^^^^^^
- with the fix, the command will not fail, and exit silently
- confirm that the motd gpo was set. The output should be "Welcome":
sudo samba-tool gpo manage motd list
- {B5BD8D04-3729-4561-B5B2-7D86B7242721};echo
+ {31B2F340-016D-11D2-945F-00C04FB984F9};echo
It is out of scope for this bug to test the actual group policy object.
I believe that is fine, given the type of error.
Furthermore, bug
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2078854 which is
also being fixed in this SRU will involve some GPO testing.
1. https://documentation.ubuntu.com/server/how-to/samba/provision-samba-
ad-controller/
[ Where problems could occur ]
* Think about what the upload changes in the software. Imagine the
change is wrong or breaks something else: how would this show up?
* It is assumed that any SRU candidate patch is well-tested before
upload and has a low overall risk of regression, but it's important
to make the effort to think about what ''could'' happen in the event
of a regression.
* This must never be "None" or "Low", or entirely an argument as to why
your upload is low risk.
* This both shows the SRU team that the risks have been considered,
and provides guidance to testers in regression-testing the SRU.
[ Other Info ]
* Anything else you think is useful to include
* Make sure to explain any deviation from the norm, to save the SRU
reviewer from having to infer your reasoning, possibly incorrectly.
This should also help reduce review iterations, particularly when the
reason for the deviation is not obvious.
* Anticipate questions from users, SRU, +1 maintenance, security teams
and the Technical Board and address these questions in advance
[ Original Description ]
Got this in noble's samba:
# samba-tool gpo manage motd set {31B2F340-016D-11D2-945F-00C04FB984F9}
"Welcome" -U Administrator
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
Password for [EXAMPLE\Administrator]:
ERROR(<class 'AttributeError'>): uncaught exception - 'ConfigParser' object
has no attribute 'readfp'
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 279,
in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3838, in run
reg.increment_gpt_ini(machine_changed=True)
File "/usr/lib/python3/dist-packages/samba/policies.py", line 177, in
increment_gpt_ini
parser.parse(data)
File "/usr/lib/python3/dist-packages/samba/gp_parse/gp_ini.py", line 112,
in parse
super(GPTIniParser, self).parse(contents)
File "/usr/lib/python3/dist-packages/samba/gp_parse/gp_ini.py", line 41, in
parse
self.ini_conf.readfp(StringIO(contents.decode(self.encoding)))
^^^^^^^^^^^^^^^^^^^^
This was fixed in[1]:
commit 2b566979acfc89ad609eb7c0c87d720f1a35f30a
Author: Jo Sutton <[email protected]>
Date: Tue Aug 29 16:30:08 2023 +1200
gp: Use read_file() instead of readfp()
readfp() is deprecated and could be removed in a future version of
Python.
Signed-off-by: Joseph Sutton <[email protected]>
Reviewed-by: Andrew Bartlett <[email protected]>
1. https://github.com/samba-
team/samba/commit/2b566979acfc89ad609eb7c0c87d720f1a35f30a
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2088094
Title:
ConfigParser has no attribute readfp
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2088094/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
