** Description changed:
[ Impact ]
The MOTD policy sets the message of the day text for domain joined linux
computers to which the policy applies. The message can be set with
"samba-tool gpo manage motd set", but due to this bug, it can only be
set once, and not updated again (unless removed, and recreated).
If an attempt is made to try to update an existing MOTD policy, with
samba-tool, it will crash.
[ Test Plan ]
Deploy samba active directory controller in noble. Here[1] is a how-to
guide.
Next, run this test command, twice. With the bug, it will always crash
after the first run (update the password with whatever password your
Administrator user has):
ubuntu@o-ad:~$ sudo samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ubuntu@o-ad:~$ sudo samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ERROR(<class 'UnboundLocalError'>): uncaught exception - cannot access local
variable 'data' where it is not associated with a value
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 285,
in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3837, in run
text = ET.SubElement(data, 'text')
^^^^
With the fixed version, the second and subsequent runs won't crash,
allowing the MOTD text to be updated.
And finally, confirm with the command below that the motd text was set
as expected. In our examples so far, that would be the word "Welcome":
$ sudo samba-tool gpo manage motd list
{31B2F340-016D-11D2-945F-00C04FB984F9};echo
Welcome
-
- 1.
https://documentation.ubuntu.com/server/how-to/samba/provision-samba-ad-controller/
+ 1. https://documentation.ubuntu.com/server/how-to/samba/provision-samba-
+ ad-controller/
[ Where problems could occur ]
This is changing the code that deals specifically with the MOTD GPO,
nothing else, so regressions there could manifest themselves in failures
to apply that policy, or even syntax errors in the policy file (given
this is XML after all).
- I suspect the GPO code in general, in samba-tool, has not seen much use so
far, because while trying to reproduce
- This bug was found while trying to reproduce
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2078854 (bug 1), this bug
here was found, and yet another one at
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2088094 (bug 2). So a
simple attempt at using "samba-tool gpo" uncovered 3 bugs in total, and I
wouldn't be surprised if more are found. It's one of those cases where when you
fix one bug, the tool advances another step and might uncover another bug, and
so on. But we are making progress.
+ This bug was found while trying to reproduce
+ https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2078854, this bug
+ here was found, and yet another one at
+ https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2088094. So a
+ simple attempt at using "samba-tool gpo" uncovered 3 bugs in total, and
+ I wouldn't be surprised if more are found. It's one of those cases where
+ when you fix one bug, the tool advances another step and might uncover
+ another bug, and so on. But we are making progress.
[ Other Info ]
Not at this time.
[ Original Description ]
When an motd policy already exists, the "set" command fails:
root@n-ad:~# samba-tool gpo manage motd set $gpo "Welcome" -U
Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ERROR(<class 'UnboundLocalError'>): uncaught exception - cannot access local
variable 'data' where it is not associated with a value
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 279,
in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3829, in run
text = ET.SubElement(data, 'text')
^^^^
Filed upstream as https://bugzilla.samba.org/show_bug.cgi?id=15774
This might be a fix (untested):
diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py
index 96fce917f0f..fe9b7caacb2 100644
--- a/python/samba/netcmd/gpo.py
+++ b/python/samba/netcmd/gpo.py
@@ -3808,7 +3808,9 @@ samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Message f
return
try:
- xml_data = ET.fromstring(conn.loadfile(vgp_xml))
+ xml_data = ET.ElementTree(ET.fromstring(conn.loadfile(vgp_xml)))
+ policysetting = xml_data.getroot().find('policysetting')
+ data = policysetting.find('data')
except NTSTATUSError as e:
if e.args[0] in [NT_STATUS_OBJECT_NAME_INVALID,
NT_STATUS_OBJECT_NAME_NOT_FOUND,
** Description changed:
[ Impact ]
The MOTD policy sets the message of the day text for domain joined linux
computers to which the policy applies. The message can be set with
"samba-tool gpo manage motd set", but due to this bug, it can only be
set once, and not updated again (unless removed, and recreated).
If an attempt is made to try to update an existing MOTD policy, with
samba-tool, it will crash.
[ Test Plan ]
Deploy samba active directory controller in noble. Here[1] is a how-to
guide.
Next, run this test command, twice. With the bug, it will always crash
after the first run (update the password with whatever password your
Administrator user has):
ubuntu@o-ad:~$ sudo samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ubuntu@o-ad:~$ sudo samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ERROR(<class 'UnboundLocalError'>): uncaught exception - cannot access local
variable 'data' where it is not associated with a value
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 285,
in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3837, in run
text = ET.SubElement(data, 'text')
^^^^
With the fixed version, the second and subsequent runs won't crash,
allowing the MOTD text to be updated.
And finally, confirm with the command below that the motd text was set
as expected. In our examples so far, that would be the word "Welcome":
$ sudo samba-tool gpo manage motd list
{31B2F340-016D-11D2-945F-00C04FB984F9};echo
Welcome
1. https://documentation.ubuntu.com/server/how-to/samba/provision-samba-
ad-controller/
[ Where problems could occur ]
This is changing the code that deals specifically with the MOTD GPO,
nothing else, so regressions there could manifest themselves in failures
to apply that policy, or even syntax errors in the policy file (given
this is XML after all).
This bug was found while trying to reproduce
- https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2078854, this bug
- here was found, and yet another one at
+ https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2078854 at first.
+ Then this bug here was found, and later another one at
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2088094. So a
simple attempt at using "samba-tool gpo" uncovered 3 bugs in total, and
I wouldn't be surprised if more are found. It's one of those cases where
when you fix one bug, the tool advances another step and might uncover
another bug, and so on. But we are making progress.
[ Other Info ]
Not at this time.
[ Original Description ]
When an motd policy already exists, the "set" command fails:
root@n-ad:~# samba-tool gpo manage motd set $gpo "Welcome" -U
Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ERROR(<class 'UnboundLocalError'>): uncaught exception - cannot access local
variable 'data' where it is not associated with a value
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 279,
in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3829, in run
text = ET.SubElement(data, 'text')
^^^^
Filed upstream as https://bugzilla.samba.org/show_bug.cgi?id=15774
This might be a fix (untested):
diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py
index 96fce917f0f..fe9b7caacb2 100644
--- a/python/samba/netcmd/gpo.py
+++ b/python/samba/netcmd/gpo.py
@@ -3808,7 +3808,9 @@ samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Message f
return
try:
- xml_data = ET.fromstring(conn.loadfile(vgp_xml))
+ xml_data = ET.ElementTree(ET.fromstring(conn.loadfile(vgp_xml)))
+ policysetting = xml_data.getroot().find('policysetting')
+ data = policysetting.find('data')
except NTSTATUSError as e:
if e.args[0] in [NT_STATUS_OBJECT_NAME_INVALID,
NT_STATUS_OBJECT_NAME_NOT_FOUND,
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2092308
Title:
Backtrace when running "gpo manage motd set" to update an existing
motd policy
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2092308/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
