My favorites | Sign in
Project Home Downloads Wiki Issues Source
New issue   Search
for
  Advanced search   Search tips   Subscriptions
Issue 3029: sized characters of ldap groups
1 person starred this issue and may be notified of changes. Back to list
Status:  Invalid
Owner:  ----
Closed:  Feb 2015


Sign in to add a comment
 
Reported by mr.marce...@gmail.com, Nov 25, 2014
Affected Version: 2.10-rc0

What steps will reproduce the problem?
1. create a group with more than 31 characters in LDAP
2. add the ldap group in an ACL Gerrit
3. Test the ACL

What is the expected output? What do you see instead?
The ACL should work, but with groups of more than 31 characters it does not work, especially in reference 'READ'

Please provide any additional information below.
My group in LDAP:

git_system-product-functional-tests-owners

Insert the Gerrit ACL like this:

Read:
ALLOW - ldap / git_system-product-functional-tests-owners

Users in this group can not see the project in Gerrit, but if I change the group name to a size smaller than 31 characters it works.

Mysql in the two tables on the groups has a limit of 255 characters:

table: account_group_names
row: `name` varchar (255)

table: account_groups
row: `name` varchar (255)
Nov 28, 2014
#1 sop@google.com
Look at the "groups" file on the refs/meta/config branch of the project you added the permission to.

Groups are stored in the groups file, not in the database.

Also look at the "project.config" file on that same branch.

If the group linkage isn't working for longer names, it sounds like the entries in one (or both) of these files became malformed due to the group name.
Dec 4, 2014
#2 mr.marce...@gmail.com
thanks for the feedback, I tested several shapes and sizes of names for the LDAP groups and got success, I believe the OpenLDAP version we used in our environment is too old or schemas team worked wrong.
Gerrit connected on the FreeIPA and got success, thanks again.
Feb 2, 2015
#3 mr.marce...@gmail.com
Problem is false positive, please close this issue, thank you for attention.
Feb 2, 2015
Project Member #4 edwin.ke...@gmail.com
(No comment was entered for this change.)
Status: Invalid
Sign in to add a comment

Powered by Google Project Hosting