Project

General

Profile

Bug #9818

Rudder's LDAP server configuration does not allow to query the monitor DB

Added by Jonathan CLARKE about 1 year ago. Updated 10 months ago.

Status:
Released
Priority:
N/A
Category:
Server components
Target version:
Target version (plugin):
Severity:
User visibility:
Effort required:
Priority:

Description

Since we added strict ACLs in the LDAP server configuration for Rudder, it is no longer possible to query the cn=monitor backend, that provides useful statistics about the database usage and queries, in particular cache usage for the BDB/HDB backend.

This is because the ACLs do not allow any access except for the strict minimum, but the root DN for the main database bypasses ACLs so that has never been a problem. Since cn=monitor is actually a different database, the root DN from the main database doesn't have that bypass.

We need to add in an ACL to allow this.

Associated revisions

Revision bc859677
Added by Jonathan CLARKE about 1 year ago

Fixes #9818: Rudder's LDAP server configuration does not allow to query the monitor DB

History

#1 Updated by Jonathan CLARKE about 1 year ago

  • Status changed from New to In progress

#2 Updated by Jonathan CLARKE about 1 year ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Jonathan CLARKE to Benoît PECCATTE
  • Pull Request set to https://github.com/Normation/rudder-packages/pull/1151

#3 Updated by Jonathan CLARKE 12 months ago

  • Status changed from Pending technical review to Pending release
  • % Done changed from 0 to 100

#4 Updated by Vincent MEMBRÉ 10 months ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 3.1.18, 3.2.11, 4.0.3 and 4.1.0~beta3 which were released today.

Also available in: Atom PDF