** Description changed: [Impact] It is common that domain names contain the '-' character, as in "test- example.com", and adsys versions 0.9.2 and below cannot parse these correctly, leading to the error: ERRORgithub.com/ubuntu/adsys/cmd/adsysd/main.go:50 main.run() Error from server: error while updating policy: can't get policies for "test- example.com": failed to retrieve offline state from SSSD: dbus: invalid message: invalid path name when attempting to run adsys on a system attached to "test-example.com" Active Directory. Currently, 0.9.2 only changes '.' into '_2e', and this would change all special characters to use their hexadecimal representations, notably '-' becomes '_2d'. - There is plans from Foundations + Desktop to SRU 0.11.0 back to at least + There is plans from Foundations + Desktop to SRU 0.12.0 back to at least Jammy, documented in bug 2020682 which depends on golang 1.20 to be included in the jammy archive, documented in bug 2020658. However, this - fixup is required with high priority while the 0.11.0 release is being + fixup is required with high priority while the 0.12.0 release is being prepared, and the SRU will hopefully bridge a few weeks between SRU - release to release of 0.11.0. + release to release of 0.12.0. [Testcase] Start a Windows Server VM, 2022 will be fine, and create an Active Directory with the domain "test-example.com". Launch a Focal, or Jammy, or Kinetic VM, and use SSSD to join the domain. Try to enable adsys: $ sudo apt install adsys $ adsysctl update ERRORgithub.com/ubuntu/adsys/cmd/adsysd/main.go:50 main.run() Error from server: error while updating policy: can't get policies for "test-example.com": failed to retrieve offline state from SSSD: dbus: invalid message: invalid path name There are test packages in the below ppa: https://launchpad.net/~mruffell/+archive/ubuntu/sf360012-test If you install the test package and retry to join the domain, it will succeed. [Where problems could occur] We are changing how domain names are being parsed and converted to valid dbus object path names. Domain names can only contain [0-9], [A-Z], [a-z], [.], and [-], so by adding '-' to being processed to its hexadecimal representation of '_2d', there should be limited scope of regressions. However, if a regression were to occur, then users may not be able to use adsys to apply group policy restrictions, and could run into issues accessing files, shares and networks. As mentioned in the impact section, this will be a temporary fix to 0.9.2 while 0.11.0 is being prepared to be released into the archive, which contains the full fix and testsuite coverage. This SRU should hopefully be short lived. [Other Info] The upstream merge request is: https://github.com/ubuntu/adsys/pull/498 This was fixed in 0.10.0 by the commit: commit 5752ba87347d7813dd56bc6a9ec6369ec56e5dc4 Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:10:51 2022 +0100 Subject: Fix special characters in domain conversion to dbus object path Link: https://github.com/ubuntu/adsys/commit/5752ba87347d7813dd56bc6a9ec6369ec56e5dc4 Now, there were some additional commits that added testsuite coverage: commit cd79b3f81441a3d9ab50f11bc8c3b5c7bf722540 Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:13:03 2022 +0100 Subject: Refresh golden file now that we properly handle the path. Link: https://github.com/ubuntu/adsys/commit/cd79b3f81441a3d9ab50f11bc8c3b5c7bf722540 commit 4571e39cd724a973270a586d2b18f653f0007de9 Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:14:35 2022 +0100 Subject: Use a better case to assert on ServerURL() failure being ignored. Link: https://github.com/ubuntu/adsys/commit/4571e39cd724a973270a586d2b18f653f0007de9 commit fdca6e462c26e1cbecdb8386f43515c1947d423d Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:16:21 2022 +0100 Subject: Add a separate case for special characters in domain name. Link: https://github.com/ubuntu/adsys/commit/fdca6e462c26e1cbecdb8386f43515c1947d423d These commits are not compatible with 0.9.2 due to testsuite harnesses and frameworks and test data files not being added until 0.10.0, and adding such commits is numerous, and contains too many changes for a SRU. Regrettably, the testsuite commits must be omitted.
** Description changed: [Impact] It is common that domain names contain the '-' character, as in "test- example.com", and adsys versions 0.9.2 and below cannot parse these correctly, leading to the error: ERRORgithub.com/ubuntu/adsys/cmd/adsysd/main.go:50 main.run() Error from server: error while updating policy: can't get policies for "test- example.com": failed to retrieve offline state from SSSD: dbus: invalid message: invalid path name when attempting to run adsys on a system attached to "test-example.com" Active Directory. Currently, 0.9.2 only changes '.' into '_2e', and this would change all special characters to use their hexadecimal representations, notably '-' becomes '_2d'. There is plans from Foundations + Desktop to SRU 0.12.0 back to at least Jammy, documented in bug 2020682 which depends on golang 1.20 to be included in the jammy archive, documented in bug 2020658. However, this fixup is required with high priority while the 0.12.0 release is being prepared, and the SRU will hopefully bridge a few weeks between SRU release to release of 0.12.0. [Testcase] Start a Windows Server VM, 2022 will be fine, and create an Active Directory with the domain "test-example.com". Launch a Focal, or Jammy, or Kinetic VM, and use SSSD to join the domain. Try to enable adsys: $ sudo apt install adsys $ adsysctl update ERRORgithub.com/ubuntu/adsys/cmd/adsysd/main.go:50 main.run() Error from server: error while updating policy: can't get policies for "test-example.com": failed to retrieve offline state from SSSD: dbus: invalid message: invalid path name There are test packages in the below ppa: https://launchpad.net/~mruffell/+archive/ubuntu/sf360012-test If you install the test package and retry to join the domain, it will succeed. [Where problems could occur] We are changing how domain names are being parsed and converted to valid dbus object path names. Domain names can only contain [0-9], [A-Z], [a-z], [.], and [-], so by adding '-' to being processed to its hexadecimal representation of '_2d', there should be limited scope of regressions. However, if a regression were to occur, then users may not be able to use adsys to apply group policy restrictions, and could run into issues accessing files, shares and networks. As mentioned in the impact section, this will be a temporary fix to - 0.9.2 while 0.11.0 is being prepared to be released into the archive, + 0.9.2 while 0.12.0 is being prepared to be released into the archive, which contains the full fix and testsuite coverage. This SRU should hopefully be short lived. [Other Info] The upstream merge request is: https://github.com/ubuntu/adsys/pull/498 This was fixed in 0.10.0 by the commit: commit 5752ba87347d7813dd56bc6a9ec6369ec56e5dc4 Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:10:51 2022 +0100 Subject: Fix special characters in domain conversion to dbus object path Link: https://github.com/ubuntu/adsys/commit/5752ba87347d7813dd56bc6a9ec6369ec56e5dc4 Now, there were some additional commits that added testsuite coverage: commit cd79b3f81441a3d9ab50f11bc8c3b5c7bf722540 Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:13:03 2022 +0100 Subject: Refresh golden file now that we properly handle the path. Link: https://github.com/ubuntu/adsys/commit/cd79b3f81441a3d9ab50f11bc8c3b5c7bf722540 commit 4571e39cd724a973270a586d2b18f653f0007de9 Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:14:35 2022 +0100 Subject: Use a better case to assert on ServerURL() failure being ignored. Link: https://github.com/ubuntu/adsys/commit/4571e39cd724a973270a586d2b18f653f0007de9 commit fdca6e462c26e1cbecdb8386f43515c1947d423d Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:16:21 2022 +0100 Subject: Add a separate case for special characters in domain name. Link: https://github.com/ubuntu/adsys/commit/fdca6e462c26e1cbecdb8386f43515c1947d423d These commits are not compatible with 0.9.2 due to testsuite harnesses and frameworks and test data files not being added until 0.10.0, and adding such commits is numerous, and contains too many changes for a SRU. Regrettably, the testsuite commits must be omitted. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/2020834 Title: Properly convert DNS names with '-' characters to valid dbus object paths Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: In Progress Status in adsys source package in Jammy: In Progress Status in adsys source package in Kinetic: In Progress Bug description: [Impact] It is common that domain names contain the '-' character, as in "test- example.com", and adsys versions 0.9.2 and below cannot parse these correctly, leading to the error: ERRORgithub.com/ubuntu/adsys/cmd/adsysd/main.go:50 main.run() Error from server: error while updating policy: can't get policies for "test-example.com": failed to retrieve offline state from SSSD: dbus: invalid message: invalid path name when attempting to run adsys on a system attached to "test- example.com" Active Directory. Currently, 0.9.2 only changes '.' into '_2e', and this would change all special characters to use their hexadecimal representations, notably '-' becomes '_2d'. There is plans from Foundations + Desktop to SRU 0.12.0 back to at least Jammy, documented in bug 2020682 which depends on golang 1.20 to be included in the jammy archive, documented in bug 2020658. However, this fixup is required with high priority while the 0.12.0 release is being prepared, and the SRU will hopefully bridge a few weeks between SRU release to release of 0.12.0. [Testcase] Start a Windows Server VM, 2022 will be fine, and create an Active Directory with the domain "test-example.com". Launch a Focal, or Jammy, or Kinetic VM, and use SSSD to join the domain. Try to enable adsys: $ sudo apt install adsys $ adsysctl update ERRORgithub.com/ubuntu/adsys/cmd/adsysd/main.go:50 main.run() Error from server: error while updating policy: can't get policies for "test-example.com": failed to retrieve offline state from SSSD: dbus: invalid message: invalid path name There are test packages in the below ppa: https://launchpad.net/~mruffell/+archive/ubuntu/sf360012-test If you install the test package and retry to join the domain, it will succeed. [Where problems could occur] We are changing how domain names are being parsed and converted to valid dbus object path names. Domain names can only contain [0-9], [A-Z], [a-z], [.], and [-], so by adding '-' to being processed to its hexadecimal representation of '_2d', there should be limited scope of regressions. However, if a regression were to occur, then users may not be able to use adsys to apply group policy restrictions, and could run into issues accessing files, shares and networks. As mentioned in the impact section, this will be a temporary fix to 0.9.2 while 0.12.0 is being prepared to be released into the archive, which contains the full fix and testsuite coverage. This SRU should hopefully be short lived. [Other Info] The upstream merge request is: https://github.com/ubuntu/adsys/pull/498 This was fixed in 0.10.0 by the commit: commit 5752ba87347d7813dd56bc6a9ec6369ec56e5dc4 Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:10:51 2022 +0100 Subject: Fix special characters in domain conversion to dbus object path Link: https://github.com/ubuntu/adsys/commit/5752ba87347d7813dd56bc6a9ec6369ec56e5dc4 Now, there were some additional commits that added testsuite coverage: commit cd79b3f81441a3d9ab50f11bc8c3b5c7bf722540 Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:13:03 2022 +0100 Subject: Refresh golden file now that we properly handle the path. Link: https://github.com/ubuntu/adsys/commit/cd79b3f81441a3d9ab50f11bc8c3b5c7bf722540 commit 4571e39cd724a973270a586d2b18f653f0007de9 Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:14:35 2022 +0100 Subject: Use a better case to assert on ServerURL() failure being ignored. Link: https://github.com/ubuntu/adsys/commit/4571e39cd724a973270a586d2b18f653f0007de9 commit fdca6e462c26e1cbecdb8386f43515c1947d423d Author: Didier Roche <didier.ro...@canonical.com> Date: Tue Nov 15 11:16:21 2022 +0100 Subject: Add a separate case for special characters in domain name. Link: https://github.com/ubuntu/adsys/commit/fdca6e462c26e1cbecdb8386f43515c1947d423d These commits are not compatible with 0.9.2 due to testsuite harnesses and frameworks and test data files not being added until 0.10.0, and adding such commits is numerous, and contains too many changes for a SRU. Regrettably, the testsuite commits must be omitted. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2020834/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
