ROSA Linux Bugzilla – Bug 4762
eGroupware 14.1 needs Packaging due to Samba 4 bugs.
Last modified: 2015-06-03 15:17:05 MSD
eGroupware 1.8.007 has a severe bug that will at the best delete LDAP user accounts, and at worst corrupt the LDAP Database when used with a Samba 4 Active Directory.
Because of this the maintainer of eGroupware suggests everyone migrate to eGroupware 14.1 which officially supports a Samba 4 AD.
eGroupware 14.1 has many new dependencies which exist as Pear Modules. Import from OpenSuse Reccommended.
The current version of eGroupware is 14.2, fixing security bugs for eGroupware 14.1.
Let me explain: the behaviour of most LDAP applications is to issue an ldap modify command to any existing LDAP entry in the tree and edit or add only the existing object classes connected to that entry in the tree. All Applications except OpenLDAP do this to avoid running a foul an Object Class Constraint Violation.
eGroupware 1.8 reads the entire entry into a temporary space, makes changes in that space, then issues a drop command to delete the entire entry, then an add command to add a new entry with its changes. If for any reason a constraint violation or an object class violation occurs, the new entry won't be re-added, and eGroupware will error out.
ACLs in both modern versions of OpenLDAP and Samba 4.1 can run a foul of this.
Reccommended action is to import the Suse eGroupware Packages and Rosa Horde Packages.
egroupware 14.2.20150501 has been published to contrib. Though I didn't have a chance to check if all of its components work correctly.
This application is extremely complex and difficult to administer. What tests did you run?
I have only checked that after installation of a new package, its web interface works fine and setup can be launched.
Meanwhile, I have recently pushed fixed version of egroupware to ABF - in the previous build, wrong apache config was used. The new builds should become available soon.