Bug #18763: '5fd350e5 UNKNOWN attributeDescription "TARGETNAME" inserted' after migration to 6.2 - Rudder - Issue Tracker

Custom queries

8.1 beta
Bugs triage
CS - by priority
CS - to review
My TR
Need technical review
Open bugs (all)
Open bugs (UI - UX)
Open UX defects (all)
Opened by users

Actions

Copy link

Bug #18763

closed

'5fd350e5 UNKNOWN attributeDescription "TARGETNAME" inserted' after migration to 6.2

Added by François ARMAND almost 4 years ago. Updated over 2 years ago.

Status:

Rejected

Priority:

N/A

Assignee:

Category:

Web - Nodes & inventories

Target version:

6.2.13

Pull Request:

Severity:

UX impact:

User visibility:

Effort required:

Priority:

Name check:

To do

Fix check:

To do

Regression:

Description

When migrating to rudder 6.2, everything went fine but when openldap was restarting, I got several message like in the title:

5fd350e5 UNKNOWN attributeDescription "TARGETNAME" inserted.
5fd350e5 UNKNOWN attributeDescription "TARGETNODEHOSTNAME" inserted.
5fd350e5 UNKNOWN attributeDescription "TARGETPOLICYSERVERID" inserted.
5fd350e5 UNKNOWN attributeDescription "TARGETLOCALADMINISTRATORACCOUNTNAME" inserted.
5fd350e5 UNKNOWN attributeDescription "TARGETAGENTNAME" inserted.
5fd350e5 UNKNOWN attributeDescription "TARGETSYSTEMVARIABLE" inserted.
5fd350e5 UNKNOWN attributeDescription "SYSTEMVARIABLE" inserted.
5fd350e5 UNKNOWN attributeDescription "WRITTENTIMESTAMP" inserted.
5fd350e5 UNKNOWN attributeDescription "ISMODIFIED" inserted.
5fd350e5 UNKNOWN attributeDescription "LASTUPDATETIMESTAMP" inserted.

Related issues 1 (0 open — 1 closed)

Related to Rudder - User story #17227: Prevent removal of 'system' global and group properties

Released

Vincent MEMBRÉ

Actions

Issue # Delay: days Cancel

History
Notes
Property changes

Actions

Copy link

Updated by François ARMAND almost 4 years ago

Related to User story #17227: Prevent removal of 'system' global and group properties added

Actions

Copy link

Updated by François ARMAND almost 4 years ago

Reason is that in #17227 we removed some old (3.x old) attribute definition from LDAP schema. For old rudder, even if unused, some entries which uses these attributes can still exists. OpenLDAP then complains that it does not know what the attribute is.

Actions

Copy link

Updated by François ARMAND almost 4 years ago

If you are in that case (hey congrats, you're a very old time user!), you can get rid of these messages by:

1/ adding back the removed attribute/class definition.
Edit /opt/rudder/etc/openldap/schema/rudder.schema and add at the end:

attributetype ( RudderAttributes:101
  NAME 'targetPolicyServerId'
  DESC 'The identifier of a Node policy server'
  SUP uuid )

attributetype ( RudderAttributes:207
  NAME 'lastUpdateTimestamp'
  DESC 'Last date when the item was updated'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
  EQUALITY generalizedTimeMatch
  ORDERING generalizedTimeOrderingMatch )

attributetype ( RudderAttributes:209
  NAME 'writtenTimestamp'
  DESC 'Last date when the item was written'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
  EQUALITY generalizedTimeMatch
  ORDERING generalizedTimeOrderingMatch )

attributetype ( RudderAttributes:211
  NAME 'isModified'
  DESC 'Define if the server is modified and should be processed as such or if it is up to date. Default to false if not specified'
  EQUALITY booleanMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7  )

attributetype ( RudderAttributes:220
  NAME 'systemVariable'
  DESC 'The current system variables of a node'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch )

attributetype ( RudderAttributes:221
  NAME 'targetSystemVariable'
  DESC 'The target system variables of a node'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch )

attributetype ( RudderAttributes:222
  NAME 'targetName'
  DESC 'Host name of the server'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

attributetype ( RudderAttributes:223
  NAME 'targetNodeHostname'
  DESC 'Host name of the server'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

attributetype ( RudderAttributes:224
  NAME 'targetAgentName'
  DESC 'List of name of the agent (Nova, Community, ...)'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

attributetype ( RudderAttributes:225
  NAME 'targetLocalAdministratorAccountName'
  DESC 'The local administrator account name (login) on the node'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

attributetype ( RudderAttributes:227
  NAME 'parameter'
  DESC 'The current parameters applied to a node'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  EQUALITY caseExactMatch
  SUBSTR caseIgnoreSubstringsMatch )

attributetype ( RudderAttributes:228
  NAME 'targetParameter'
  DESC 'The target parameters applied to a node'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  EQUALITY caseExactMatch
  SUBSTR caseIgnoreSubstringsMatch )

attributetype ( RudderAttributes:303
  NAME 'overridable'
  DESC 'Define if the parameter may be overriden'
  EQUALITY booleanMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7  )

objectclass ( RudderObjectClasses:101
  NAME 'nodeConfiguration'
  DESC 'The mapping of the node configuration, a container for promises'
  SUP top
  STRUCTURAL
  MUST ( nodeId $ isPolicyServer )
  MAY ( cn $ description $ isModified $
        lastUpdateTimestamp $ writtenTimestamp $
        targetName $
        localAdministratorAccountName $ targetLocalAdministratorAccountName $
        nodeHostname $ targetNodeHostname $
        policyServerId $ targetPolicyServerId $
        agentName $ targetAgentName $
        systemVariable $ targetSystemVariable $
        parameter $ targetParameter  ) )

objectclass ( RudderObjectClasses:102
  NAME 'rootPolicyServerNodeConfiguration'
  SUP  nodeConfiguration
  DESC 'The ROOT policy server of an Rudder Domain' )

#cn is the policy name for the directive
objectClass ( RudderObjectClasses:103
  NAME 'abstractDirectiveNodeConfiguration'
  DESC 'An abstract instance of a Directive'
  SUP top
  ABSTRACT
  MUST ( techniqueId )
  MAY ( lastUpdateTimestamp $
        description $ ruleTarget $ directiveVariable $
        isEnabled $ isSystem $ serial $ directivePriority $
        techniqueId $ techniqueVersion $
        ruleId ) )

objectclass ( RudderObjectClasses:104
  NAME 'directiveNodeConfiguration'
  DESC 'An instance of a policy'
  SUP abstractDirectiveNodeConfiguration
  STRUCTURAL
  MUST ( directiveId ) )

objectclass ( RudderObjectClasses:105
  NAME 'targetDirectiveNodeConfiguration'
  DESC 'An instance of a target state for a directive'
  SUP abstractDirectiveNodeConfiguration
  STRUCTURAL
  MUST ( targetdirectiveId ) )

2/ restart slapd

3/ find culprit entries and delete them:

3.1/ find them:

ENTRIES=$(ldapsearch -LLL -o ldif-wrap=no -h localhost -p 389 -x -D "cn=Manager,cn=rudder-configuration" -w XXXX -b "cn=rudder-configuration" -s sub "(|(objectClass=abstractDirectiveNodeConfiguration)(objectClass=directiveNodeConfiguration)(objectClass=targetDirectiveNodeConfiguration)(objectClass=nodeConfiguration))" "1.1" | sed -e "s/dn: //")

With "XXXX" replaced by your actual password.

3.2/ check that it looks lile dn:

echo $ENTRIES

3.3/ delete them:

Before actual deletion, you should backup your LDAP, just in case: https://docs.rudder.io/reference/6.1/administration/procedures.html#_backup
Then, delete:

for i in $(echo ${ENTRIES}); do if [ -n "$i" ]; then ldapdelete -h localhost -p 389 -x -D "cn=Manager,cn=rudder-configuration" -w XXXX $i; fi; done

Most likely, they are all under ou=Nodes Configuration,cn=rudder-configuration and you can delete that branche enterily (but not the new cn=Nodes Configuration,cn=rudder-configuration - ie, cn in plance of ou. The cn is the new one, still in use)

You can get errors if entries are not sorted starting by leaf. Do the above command several times if needed.

Actions

Copy link

Updated by Benoît PECCATTE almost 3 years ago

Category set to Web - Nodes & inventories
Target version set to 6.2.13

Actions

Copy link

Updated by Alexis Mousset almost 3 years ago

Status changed from New to Rejected

Closing as it should be infrequent and the ticket contains a workaround.

Actions

Copy link

Updated by Benoît PECCATTE over 2 years ago

Slapd fails to start wit this workaround, remove those lines from the schema because they are duplicate

attributetype ( RudderAttributes:303
  NAME 'overridable'
  DESC 'Define if the parameter may be overriden'
  EQUALITY booleanMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7  )

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Bug #18763

'5fd350e5 UNKNOWN attributeDescription "TARGETNAME" inserted' after migration to 6.2

Updated by François ARMAND almost 4 years ago

Updated by François ARMAND almost 4 years ago

Updated by François ARMAND almost 4 years ago

Updated by Benoît PECCATTE almost 3 years ago

Updated by Alexis Mousset almost 3 years ago

Updated by Benoît PECCATTE over 2 years ago