Re: [Cpu-users] CPU, debian, and some bug reports...

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Mon, Oct 13, 2003 at 01:33:38PM -0500, Blake Matheny wrote:

Hi,

> > #215258: cpu: problematic error recovery
> > 	If cpu fails to create a user for some reason it exists. 
> > 	But at that stage is has already created a group for the user. 
> > 	Please try to clean up after the error and remove the new group 
> > 	as well so the ldap directory will be left in its original state.
> > 
> > 	As extra information for this bugreport: it is impossible to remove
> > 	the leftover group with cpu, since it will complain that it is a 
> > 	users' primary group and can not be removed.
> Fixed in CVS, not in 1.4.2. Now a group isn't added for the user unless the
> user was successfully added.
> 
> > #215437: cpu: can not abort at password prompt
> > 	When creating an account using cpu it can prompt for a bad
> > 	password.
> > 	I would like to abort at that point, but that is not possible: 
> > 	both ctrl-c and ctrl-d result in a '  is a bad password: it's 
> > 	WAY too short' message and another password prompt. The only way 
> > 	out is to kill cpu from another shell.
> Fixed in CVS, not in 1.4.2. This was a problem with GNU getpass, CVS has its
> own version (CPU_getpass) which respects signals, which is now used here as
> well as in other places that used getpass.
>

So, will these two be in 1.4.3?

> > #215298: cpu: strange error removing groups
> > 	This is somewhat unexpected:
> > 
> > 	vortex:~# cpu useradd -E debug debug
> > 	User debug successfully added!
> > 	vortex:~# cpu usermod -g 100 debug
> > 	User debug successfully modified!
> > 	vortex:~# cpu groupdel debug
> > 	ldap: checkIsPrimaryGroup: ldap_search_st: No such object (32)
> > 	groupdel: cannot remove user's primary group.
> > 	ldap: CPU_init: Error in ldapOperation.
> > 	Something went wrong. Exiting.
> I'm unable to replicate this with either cpu 1.4.1 or 1.4.2. Would it be
> possible for the user to try again, and if the error happens again could I get
> a copy of their configuration file?
> 

I've just reproduced it...

executor:~# cpu useradd -E debug debug

User debug successfully added!
executor:~# cpu usermod -g 100 debug

User debug successfully modified!
executor:~# cpu groupdel debug

ldap: ldapGroupDel: ldap_delete_s: No such object (32)
	matched DN: ou=Groups,dc=studio,dc=tixteam,dc=net
ldap: CPU_init: Error in ldapOperation.
Something went wrong. Exiting.
executor:~# 

My configuration file follows:

BEGIN:
# See cpu.conf(5) for documentation

[GLOBAL]
DEFAULT_METHOD	= ldap
CRACKLIB_DICTIONARY = /var/cache/cracklib/cracklib_dict

[LDAP]
#LDAP_HOST	= 127.0.0.1
#LDAP_PORT	= 389
# Can also use LDAP_URI = ldaps://localhost:389 for TLS support
LDAP_URI   = ldap://ldap.studio.tixteam.net
BIND_DN    = cn=admin,dc=studio,dc=tixteam,dc=net
BIND_PASS  = mypass
USER_BASE  = ou=People,dc=studio,dc=tixteam,dc=net
GROUP_BASE = ou=Groups,dc=studio,dc=tixteam,dc=net
USER_OBJECT_CLASS	= inetOrgPerson,posixAccount,shadowAccount,top
GROUP_OBJECT_CLASS	= posixGroup,top
USER_FILTER	= (objectClass=posixAccount)
GROUP_FILTER	= (objectClass=posixGroup)
USER_CN_STRING	= uid
GROUP_CN_STRING = cn
SKEL_DIR	= /etc/skel
DEFAULT_SHELL 	= /bin/bash
HOME_DIRECTORY	= /home
MAX_UIDNUMBER = 10000
MIN_UIDNUMBER = 1000
MAX_GIDNUMBER = 10000
MIN_GIDNUMBER = 1000
ID_MAX_PASSES = 1000
RANDOM = "false"
PASSWORD_FILE = "/etc/passfile"
SHADOW_FILE = "/etc/shadowfile"
HASH = "md5"
SHADOWLASTCHANGE	= 11192
SHADOWMAX		= 99999
SHADOWWARING		= 7
SHADOWEXPIRE		= -1
SHADOWFLAG		= 134538308
SHADOWMIN		= -1
SHADOWINACTIVE		= -1

END.

Thanks,

Guido