Bug 4762 - eGroupware 14.1 needs Packaging due to Samba 4 bugs.
: eGroupware 14.1 needs Packaging due to Samba 4 bugs.
Status: RESOLVED FIXED
Product: Desktop Bugs
Classification: ROSA Desktop
Component: Package Requests
: Fresh
: All Linux
: Normal normal
: ---
Assigned To: ROSA Linux Bugs
: ROSA Linux Bugs
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-12-02 20:07 MSK by Zombie Ryushu
Modified: 2015-06-03 15:17 MSD (History)
2 users (show)

See Also:
RPM Package: egroupware
ISO-related:
Bad POT generating:
Upstream:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Zombie Ryushu 2014-12-02 20:07:33 MSK
eGroupware 1.8.007 has a severe bug that will at the best delete LDAP user accounts, and at worst corrupt the LDAP Database when used with a Samba 4 Active Directory.

Because of this the maintainer of eGroupware suggests everyone migrate to eGroupware 14.1 which officially supports a Samba 4 AD.

eGroupware 14.1 has many new dependencies which exist as Pear Modules. Import from OpenSuse Reccommended.
Comment 1 Zombie Ryushu 2015-05-21 18:26:15 MSD
The current version of eGroupware is 14.2, fixing security bugs for eGroupware 14.1.

Let me explain: the behaviour of most LDAP applications is to issue an ldap modify command to any existing LDAP entry in the tree and edit or add only the existing object classes connected to that entry in the tree. All Applications except OpenLDAP do this to avoid running a foul an Object Class Constraint Violation.

eGroupware 1.8 reads the entire entry into a temporary space, makes changes in that space, then issues a drop command to delete the entire entry, then an add command to add a new entry with its changes. If for any reason a constraint violation or an object class violation occurs, the new entry won't be re-added, and eGroupware will error out. 

ACLs in both modern versions of OpenLDAP and Samba 4.1 can run a foul of this.

Reccommended action is to import the Suse eGroupware Packages and Rosa Horde Packages.
Comment 2 Denis Silakov 2015-06-03 11:10:17 MSD
egroupware 14.2.20150501 has been published to contrib. Though I didn't have a chance to check if all of its components work correctly.
Comment 3 Zombie Ryushu 2015-06-03 11:21:48 MSD
This application is extremely complex and difficult to administer. What tests did you run?
Comment 4 Denis Silakov 2015-06-03 15:17:05 MSD
I have only checked that after installation of a new package, its web interface works fine and setup can be launched.

Meanwhile, I have recently pushed fixed version of egroupware to ABF - in the previous build, wrong apache config was used. The new builds should become available soon.