** Description changed:
[ Impact ]
The MOTD policy sets the message of the day text for domain joined linux
computers to which the policy applies. The message can be set with
"samba-tool gpo manage motd set", but due to this bug, it can only be
set once, and not updated again (unless removed, and recreated).
If an attempt is made to try to update an existing MOTD policy, with
- samba-tool, it will crash.
-
- [ Test Plan ]
-
- Deploy samba active directory controller in noble. Here[1] is a how-to
- guide.
-
- Next, run this test command, twice. With the bug, it will always crash
- after the first run (update the password with whatever password your
- Administrator user has):
+ samba-tool, it will crash like this:
ubuntu@o-ad:~$ sudo samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ubuntu@o-ad:~$ sudo samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Welcome" -U Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ERROR(<class 'UnboundLocalError'>): uncaught exception - cannot access local
variable 'data' where it is not associated with a value
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 285,
in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3837, in run
text = ET.SubElement(data, 'text')
^^^^
- With the fixed version, the second and subsequent runs won't crash,
- allowing the MOTD text to be updated.
+ [ Test Plan ]
- And finally, confirm with the command below that the motd text was set
- as expected. In our examples so far, that would be the word "Welcome":
+ This SRU includes a new test case for this bug, part of the existing
+ d/t/samba-ad-dc-provisioning-internal-dns test.
- $ sudo samba-tool gpo manage motd list
{31B2F340-016D-11D2-945F-00C04FB984F9};echo
- Welcome
+ For verification purposes, the samba-ad-dc-provisioning-internal-dns
+ test must pass. More specifically, the test server_motd_gpo_tests() must
+ pass. The start of the test is marked with the following text in the
+ test output:
- 1. https://documentation.ubuntu.com/server/how-to/samba/provision-samba-
- ad-controller/
+ ## MOTD GPO tests (server only)
+
[ Where problems could occur ]
This is changing the code that deals specifically with the MOTD GPO,
nothing else, so regressions there could manifest themselves in failures
to apply that policy, or even syntax errors in the policy file (given
this is XML after all).
This bug was found while trying to reproduce
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2078854 at first.
Then this bug here was found, and later another one at
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2088094. So a
simple attempt at using "samba-tool gpo" uncovered 3 bugs in total, and
I wouldn't be surprised if more are found. It's one of those cases where
when you fix one bug, the tool advances another step and might uncover
another bug, and so on. But we are making progress.
[ Other Info ]
Not at this time.
[ Original Description ]
When an motd policy already exists, the "set" command fails:
root@n-ad:~# samba-tool gpo manage motd set $gpo "Welcome" -U
Administrator%Passw0rd
WARNING: Using passwords on command line is insecure. Installing the
setproctitle python module will hide these from shortly after program start.
ERROR(<class 'UnboundLocalError'>): uncaught exception - cannot access local
variable 'data' where it is not associated with a value
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 279,
in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/gpo.py", line 3829, in run
text = ET.SubElement(data, 'text')
^^^^
Filed upstream as https://bugzilla.samba.org/show_bug.cgi?id=15774
This might be a fix (untested):
diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py
index 96fce917f0f..fe9b7caacb2 100644
--- a/python/samba/netcmd/gpo.py
+++ b/python/samba/netcmd/gpo.py
@@ -3808,7 +3808,9 @@ samba-tool gpo manage motd set
{31B2F340-016D-11D2-945F-00C04FB984F9} "Message f
return
try:
- xml_data = ET.fromstring(conn.loadfile(vgp_xml))
+ xml_data = ET.ElementTree(ET.fromstring(conn.loadfile(vgp_xml)))
+ policysetting = xml_data.getroot().find('policysetting')
+ data = policysetting.find('data')
except NTSTATUSError as e:
if e.args[0] in [NT_STATUS_OBJECT_NAME_INVALID,
NT_STATUS_OBJECT_NAME_NOT_FOUND,
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2092308
Title:
Backtrace when running "gpo manage motd set" to update an existing
motd policy
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2092308/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
