fausp
(fpausp)
April 2, 2024, 10:08am
1
I tried to setup Webtop with external LDAP configured but got an error:
Enqueued anchor job 100 postgres.service/start.
DELETE 1
DELETE 1
INSERT 0 1
INSERT 0 1
DELETE 1
DELETE 1
INSERT 0 1
INSERT 0 1
DELETE 1
INSERT 0 1
bash: -c: line 1: unexpected EOF while looking for matching `"'
bash: -c: line 2: syntax error: unexpected end of file
Traceback (most recent call last):
File "/home/webtop1/.config/actions/configure-module/20config", line 265, in <module>
domain_setup(mail_domain, user_domain)
File "/home/webtop1/.config/actions/configure-module/20config", line 19, in domain_setup
user_domain_password = subprocess.check_output(['podman', 'run', '--rm', os.environ["WEBTOP_WEBAPP_IMAGE"], 'bash', '-c', "echo -n " + user_domain["bind_password"] + " | java -classpath /usr/share/webtop/ WebtopPassEncode"], text=True).splitlines().pop()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/subprocess.py", line 466, in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/subprocess.py", line 571, in run
raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['podman', 'run', '--rm', 'ghcr.io/nethserver/webtop-webapp:1.0.15', 'bash', '-c', 'echo -n ********** | java -classpath /usr/share/webtop/ WebtopPassEncode']' returned non-zero exit status 2.
fausp
(fpausp)
April 2, 2024, 10:29am
2
OK, I changed the bind password. Now I use a password without special characters and the configuration was saved…
I still can logon with user admin/admin but not with a AD Domain User.
stephdl
(Stéphane de Labrusse)
April 3, 2024, 10:33am
3
tested on a remote ldap account without TLS, I cannot reproduce the issue
create an AD on NS7
set to do not ask for encryption
The commands by @giacomo need a little fix:
mkdir -p /etc/e-smith/templates-custom/var/lib/machines/nsdc/etc/samba/smb.conf.include/
- echo "ldap server require strong auth = no" > 20notls
+ echo "ldap server require strong auth = no" > /etc/e-smith/templates-custom/var/lib/machines/nsdc/etc/samba/smb.conf.include/20notls
expand-template /var/lib/machines/nsdc/etc/samba/smb.conf.include
systemctl restart nsdc
Instead of creating a template-custom, you could try to edit the [global] sect…
bind to this AD on NS8 without TLS on port 389
install mail, webtop, imapsync
I can use the domain page and the mailboxes page, and the imapsync page, I can login with ldap users to webtop
If I remove the custom template I did on NS7 and I restart the nsdc, then I cannot browse remotely the users on all pages
1 Like
davidep
(Davide Principi)
April 3, 2024, 10:38am
4
What special characters could potentially trigger the bug? Please tell us more so we can test them!
stephdl
(Stéphane de Labrusse)
April 3, 2024, 11:00am
5
I suppose. Could you confirm
1 Like
fausp
(fpausp)
April 5, 2024, 8:17pm
6
I had to logon as Webtop-admin and write the bind-password agn because I changed it as NS8-cluster-admin just for testing for another app…
Webtop works now, I am able to login with AD user…
stephdl
(Stéphane de Labrusse)
August 5, 2024, 1:00pm
7
@davidep
this issue is reproducible, a bind password with a "
and you break webtop but I am not sure that only webtop is touched, maybe other app could be broken too: tested with BindTestPassword"
Enqueued anchor job 47 postgres.service/start.
Enqueued auxiliary job 63 apache.service/start.
Enqueued auxiliary job 60 webapp.service/start.
Enqueued auxiliary job 61 z-push.service/start.
Enqueued auxiliary job 59 webtop.service/start.
Enqueued auxiliary job 62 webdav.service/start.
DELETE 0
INSERT 0 1
DELETE 0
INSERT 0 1
DELETE 1
INSERT 0 1
DELETE 1
DELETE 1
INSERT 0 1
INSERT 0 1
DELETE 1
DELETE 1
INSERT 0 1
INSERT 0 1
DELETE 1
INSERT 0 1
bash: -c: line 1: unexpected EOF while looking for matching `"'
bash: -c: line 2: syntax error: unexpected end of file
Traceback (most recent call last):
File "/home/webtop1/.config/actions/configure-module/20config", line 265, in <module>
domain_setup(mail_domain, user_domain)
File "/home/webtop1/.config/actions/configure-module/20config", line 19, in domain_setup
user_domain_password = subprocess.check_output(['podman', 'run', '--rm', os.environ["WEBTOP_WEBAPP_IMAGE"], 'bash', '-c', "echo -n " + user_domain["bind_password"] + " | java -classpath /usr/share/webtop/ WebtopPassEncode"], text=True).splitlines().pop()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/python3.11/subprocess.py", line 466, in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/python3.11/subprocess.py", line 571, in run
raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['podman', 'run', '--rm', 'ghcr.io/nethserver/webtop-webapp:1.0.19', 'bash', '-c', 'echo -n BindTestPassword" | java -classpath /usr/share/webtop/ WebtopPassEncode']' returned non-zero exit status 2.
4 Likes