Hello folks, Context: My setup is a running dscontainer with exported /data. While developing (outside of the container) I am trying to run `dsconf ldapi://%2fpath%2fto%2fdscontainers%2fsocket security get`. Issue 1: I get IndexError exception: File "/home/mhonek/src/ds/up/src/lib389/lib389/_mapped_object.py", line 158, in display How to fix the fact we can get no results to display, and to fix it correctly so that nothing else eventually blows up? Don't know... Issue 2: Tracing back I find out I autobinded as non-root (non 0 UID). Expectable, but still unexpected. So I tried to override this by providing `-D` and `-w` explicitly to dsconf. No change, still autobinding. Turns out the autobind has preference over simple bind in DirSrv.open, this comes from [implementation]. Possible solution: Instead of `elif can_autobind(): ... else: simple_bind` do `elif self.binddn is not None: ... else can_autobind(): ...`. Worked for me. Would this blow up some use-case? Don't know... Sub-issue 2a: Given I was able to autobind as non-root UID, the wording in a log message [aubind-log]. The word "root" probably shouldn't be there? Somewhat troubling 1: At the time of running open in the autobind branch in DirSrv.open [autobind] the value of `self.bindpw` is literally "password" even though no `-D` nor `-w` was provided on command line for dsconf. I believe there are some reasons (besides "because the code is written so") why this is so but I would like to be enlightened here. [implementation] https://pagure.io/389-ds-base/c/e07e489 [autobind-log] https://pagure.io/389-ds-base/blob/6d70cbe/f/src/lib389/lib389/__init__.py#_1063 [autobind] https://pagure.io/389-ds-base/blob/6d70cbe/f/src/lib389/lib389/__init__.py#_1060 Please, share your ideas, where I went wrong, what we could go ahead with. Thanks, Matus -- Matúš Honěk Software Engineer Red Hat Czech _______________________________________________ 389-devel mailing list -- 389-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-devel@xxxxxxxxxxxxxxxxxxxxxxx
