-
Bug
-
Resolution: Unresolved
-
Normal
-
rhel-9.6
-
None
-
None
-
Low
-
rhel-idm-ds
-
None
-
False
-
False
-
-
None
-
None
-
None
-
None
-
Unspecified
-
Unspecified
-
Unspecified
-
None
Issue Description
In rare situations RetroCL entry for MODRDN operation can be missing newRdn and deleteOldRdn attributes:
dn: changenumber=75827,cn=changelog changeNumber: 75827 changeTime: 20251008161117Z targetDN: uid=systemaccount01,ou=People,dc=example,dc=com changeType: modrdn changes:: replace: modifiersname modifiersname: cn=directory manager - replace: modifytimestamp modifytimestamp: 20251008161117Z -
While audit log contains it:
[
{
"attr": "deleteoldrdn",
"values": [
"true"
]
},
{
"attr": "newrdn",
"values": [
"uid=systemaccount02"
]
},
{
"attr": "new_dn",
"values": [
"uid=systemaccount02,ou=People,dc=example,dc=com"
]
}
]
In modrdn2reple we add lines with newRdn only if it's not NULL:
https://github.com/389ds/389-ds-base/blob/98271e6b91e6118fffe8d0e1eeb6cf755d80fad9/ldap/servers/plugins/retrocl/retrocl_po.c#L531-L535
I suspect pblock gets cleared (race condition, db retry?) and newrdn is NULL.
Steps to reproduce:
TBD