** Description changed: This is part of the long story trying to fix https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2078854. + + [ Impact ] During the back and forth patching python/samba/netcmd/gpo.py, a bug was found, fixed, and it's back: when updating the motd GPO, the new text is added, instead of replacing the existing one: - $ sudo cat /var/lib/samba/sysvol/example.internal/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/VGP/VTLA/Unix/MOTD/manifest.xml | xq + $ sudo cat /var/lib/samba/sysvol/example.internal/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/VGP/VTLA/Unix/MOTD/manifest.xml | xq <?xml version='1.0' encoding='UTF-8'?> <vgppolicy> - <policysetting> - <version>1</version> - <name>Text File</name> - <description>Represents a Generic Text File</description> - <apply_mode>replace</apply_mode> - <data> - <filename>motd</filename> - <text>Welcome</text> - <text>Welcome</text> - <text>Welcome again</text> - </data> - </policysetting> + <policysetting> + <version>1</version> + <name>Text File</name> + <description>Represents a Generic Text File</description> + <apply_mode>replace</apply_mode> + <data> + <filename>motd</filename> + <text>Welcome</text> + <text>Welcome</text> + <text>Welcome again</text> + </data> + </policysetting> </vgppolicy> Multiple invocations of this command will do that: $ sudo samba-tool gpo manage motd set {31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator + + While testing the fix for this bug, another one was found: if an empty + MOTD GPO was listed, that would also crash samba-tool (see comment #2). + + [ Test Plan ] + + An autopkgtest has been added to the package to exercise the MOTD GPO, + and it also checks for this bug. + + A green run of the samba-ad-dc-provisioning-internal-dns test (the new + GPO test is part of that bigger samba test) is to be considered enough + verification for this bug. + + + [ Where problems could occur ] + + The patch is affecting the code that generates, updates, and removes, MOTD group policy objects. Problems would be restricted to the MOTD GPO specifically, and could include: + - invalid XML being generated (unlikely, since a library is used); + - invalid schema used in the XML. For example, text/data elements placed in the wrong place + - as evidenced by this bug here, duplication of data (which is being fixed here, but was introduced by a patch from us) + + It was not investigated what Samba/Windows clients would do when faced + with an invalid XML, or invalid schema for the GPO. + + + [ Other Info ] + + This bug, and many others, were found while investigating the very first bug report: LP: #2078854, which was about a segfault. In order to test it, samba-tool was used with a simple policy, MOTD in this case. That led to us finding many bugs in this area: + - LP: #2088094: fix crash in samba-tool due to using removed method + - LP: #2092308: fix crash when updating an already existing MOTD GPO + - fix crash when listing an empty MOTD GPO. Being fixed here, together with: + - this bug here LP: #2107395: Updating MOTD GPO adds new text instead of replacing existing one + + What I mean with the above, is that I wouldn't be surprised if more bugs + in this area of the code were found. In fact, while fixing this one + here, I found another one which I'm fixing together (listing empty MOTD + GPO).
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2107395 Title: Updating MOTD GPO adds new text instead of replacing existing one To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2107395/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
