Ok, it's not crashing anymore, but it's also not updating the text
correctly. It's just adding the key over and over again:
# cat
/var/lib/samba/sysvol/example.internal/Policies/\{31B2F340-016D-11D2-945F-00C04FB984F9\}/MACHINE/VGP/VTLA/Unix/MOTD/manifest.xml
<?xml version='1.0' encoding='UTF-8'?>
<vgppolicy><policysetting><version>1</version><name>Text
File</name><description>Represents a Generic Text
File</description><apply_mode>replace</apply_mode><data><filename>motd</filename><text>Welcome</text><text>Welcome</text><text>Welcome</text><text>Welcome\n</text><text>Welcome
again</text><text>Welcome again</text></data></policysetting></vgppolicy>
root@o-ad:~#
** Description changed:
[ Impact ]
- * An explanation of the effects of the bug on users and justification
- for backporting the fix to the stable release.
+ * An explanation of the effects of the bug on users and justification
+ for backporting the fix to the stable release.
- * In addition, it is helpful, but not required, to include an
- explanation of how the upload fixes this bug.
+ * In addition, it is helpful, but not required, to include an
+ explanation of how the upload fixes this bug.
[ Test Plan ]
- * detailed instructions how to reproduce the bug
+ Deploy samba active directory controller in noble. Here[1] is a how-to
+ guide.
- * these should allow someone who is not familiar with the affected
- package to reproduce the bug and verify that the updated package
- fixes the problem.
+ Next, run this test command, twice. With the bug, it will always crash
+ after the first run (update the password with whatever password your
+ Administrator user has):
- * if other testing is appropriate to perform before landing this
- update, this should also be described here.
+ ubuntu@o-ad:~$ sudo samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator%Passw0rd
+ WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
+
+ ubuntu@o-ad:~$ sudo samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator%Passw0rd
+ WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
+ ERROR(<class 'UnboundLocalError'>): uncaught exception - cannot access local
variable 'data' where it is not associated with a value
+ File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 285,
in _run
+ return self.run(*args, **kwargs)
+ ^^^^^^^^^^^^^^^^^^^^^^^^^
+ File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3837, in run
+ text = ET.SubElement(data, 'text')
+ ^^^^
+
+ With the fixed version, the second and subsequent runs won't crash,
+ allowing the MOTD text to be updated.
+
+
+ 1. https://documentation.ubuntu.com/server/how-to/samba/provision-samba-
+ ad-controller/
+
+
[ Where problems could occur ]
- * Think about what the upload changes in the software. Imagine the
- change is wrong or breaks something else: how would this show up?
+ This is changing the code that deals specifically with the MOTD GPO,
+ nothing else, so regressions there could manifest themselves in failures
+ to apply that policy, or even syntax errors in the policy file (given
+ this is XML after all).
- * It is assumed that any SRU candidate patch is well-tested before
- upload and has a low overall risk of regression, but it's important
- to make the effort to think about what ''could'' happen in the event
- of a regression.
+ I suspect the GPO code in general, in samba-tool, has not seen much use so
far, because while trying to reproduce
+ This bug was found while trying to reproduce
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2078854 (bug 1), this bug
here was found, and yet another one at
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2088094 (bug 2). So a
simple attempt at using "samba-tool gpo" uncovered 3 bugs in total, and I
wouldn't be surprised if more are found. It's one of those cases where when you
fix one bug, the tool advances another step and might uncover another bug, and
so on. But we are making progress.
- * This must never be "None" or "Low", or entirely an argument as to why
- your upload is low risk.
-
- * This both shows the SRU team that the risks have been considered,
- and provides guidance to testers in regression-testing the SRU.
[ Other Info ]
+ Not at this time.
- * Anything else you think is useful to include
-
- * Make sure to explain any deviation from the norm, to save the SRU
- reviewer from having to infer your reasoning, possibly incorrectly.
- This should also help reduce review iterations, particularly when the
- reason for the deviation is not obvious.
-
- * Anticipate questions from users, SRU, +1 maintenance, security teams
- and the Technical Board and address these questions in advance
[ Original Description ]
When an motd policy already exists, the "set" command fails:
root@n-ad:~# samba-tool gpo manage motd set $gpo "Welcome" -U
Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ERROR(<class 'UnboundLocalError'>): uncaught exception - cannot access local
variable 'data' where it is not associated with a value
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 279,
in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3829, in run
text = ET.SubElement(data, 'text')
^^^^
Filed upstream as https://bugzilla.samba.org/show_bug.cgi?id=15774
This might be a fix (untested):
diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py
index 96fce917f0f..fe9b7caacb2 100644
--- a/python/samba/netcmd/gpo.py
+++ b/python/samba/netcmd/gpo.py
@@ -3808,7 +3808,9 @@ samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Message f
return
try:
- xml_data = ET.fromstring(conn.loadfile(vgp_xml))
+ xml_data = ET.ElementTree(ET.fromstring(conn.loadfile(vgp_xml)))
+ policysetting = xml_data.getroot().find('policysetting')
+ data = policysetting.find('data')
except NTSTATUSError as e:
if e.args[0] in [NT_STATUS_OBJECT_NAME_INVALID,
NT_STATUS_OBJECT_NAME_NOT_FOUND,
** Description changed:
[ Impact ]
- * An explanation of the effects of the bug on users and justification
- for backporting the fix to the stable release.
+ The MOTD policy sets the message of the day text for domain joined linux
+ computers to which the policy applies. The message can be set with
+ "samba-tool gpo manage motd set", but due to this bug, it can only be
+ set once, and not updated again (unless removed, and recreated).
- * In addition, it is helpful, but not required, to include an
- explanation of how the upload fixes this bug.
+ If an attempt is made to try to update an existing MOTD policy, with
+ samba-tool, it will crash.
[ Test Plan ]
Deploy samba active directory controller in noble. Here[1] is a how-to
guide.
Next, run this test command, twice. With the bug, it will always crash
after the first run (update the password with whatever password your
Administrator user has):
ubuntu@o-ad:~$ sudo samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ubuntu@o-ad:~$ sudo samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ERROR(<class 'UnboundLocalError'>): uncaught exception - cannot access local
variable 'data' where it is not associated with a value
- File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 285,
in _run
- return self.run(*args, **kwargs)
- ^^^^^^^^^^^^^^^^^^^^^^^^^
- File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3837, in run
- text = ET.SubElement(data, 'text')
- ^^^^
+ File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 285,
in _run
+ return self.run(*args, **kwargs)
+ ^^^^^^^^^^^^^^^^^^^^^^^^^
+ File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3837, in run
+ text = ET.SubElement(data, 'text')
+ ^^^^
With the fixed version, the second and subsequent runs won't crash,
allowing the MOTD text to be updated.
-
1. https://documentation.ubuntu.com/server/how-to/samba/provision-samba-
ad-controller/
-
-
[ Where problems could occur ]
This is changing the code that deals specifically with the MOTD GPO,
nothing else, so regressions there could manifest themselves in failures
to apply that policy, or even syntax errors in the policy file (given
this is XML after all).
- I suspect the GPO code in general, in samba-tool, has not seen much use so
far, because while trying to reproduce
+ I suspect the GPO code in general, in samba-tool, has not seen much use so
far, because while trying to reproduce
This bug was found while trying to reproduce
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2078854 (bug 1), this bug
here was found, and yet another one at
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2088094 (bug 2). So a
simple attempt at using "samba-tool gpo" uncovered 3 bugs in total, and I
wouldn't be surprised if more are found. It's one of those cases where when you
fix one bug, the tool advances another step and might uncover another bug, and
so on. But we are making progress.
-
[ Other Info ]
Not at this time.
-
[ Original Description ]
When an motd policy already exists, the "set" command fails:
root@n-ad:~# samba-tool gpo manage motd set $gpo "Welcome" -U
Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ERROR(<class 'UnboundLocalError'>): uncaught exception - cannot access local
variable 'data' where it is not associated with a value
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 279,
in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3829, in run
text = ET.SubElement(data, 'text')
^^^^
Filed upstream as https://bugzilla.samba.org/show_bug.cgi?id=15774
This might be a fix (untested):
diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py
index 96fce917f0f..fe9b7caacb2 100644
--- a/python/samba/netcmd/gpo.py
+++ b/python/samba/netcmd/gpo.py
@@ -3808,7 +3808,9 @@ samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Message f
return
try:
- xml_data = ET.fromstring(conn.loadfile(vgp_xml))
+ xml_data = ET.ElementTree(ET.fromstring(conn.loadfile(vgp_xml)))
+ policysetting = xml_data.getroot().find('policysetting')
+ data = policysetting.find('data')
except NTSTATUSError as e:
if e.args[0] in [NT_STATUS_OBJECT_NAME_INVALID,
NT_STATUS_OBJECT_NAME_NOT_FOUND,
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2092308
Title:
Backtrace when running "gpo manage motd set" to update an existing
motd policy
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2092308/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
