dalibo / ldap2pg

Manage PostgreSQL roles and privileges from YAML or LDAP
https://labs.dalibo.com/ldap2pg
PostgreSQL License

ValueError: Unknown member role xxxxx #557

Closed blockchain-spark closed 1 year ago

blockchain-spark commented 1 year ago

On a new database, I manually created a superuser xxxxx; the script fails when processing this role.

ldap2pg.yml
postgres:
  blacklist:
    - postgres
    - xxxxx

  fallback_owner: postgres

Verbose output
$ ldap2pg --verbose --real
...
2023-08-24 01:09:53,571 DEBUG:  ldap2pg.psql: Closing connection to libpq default.
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script: Unhandled error:
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script: Traceback (most recent call last):
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:   File "/usr/local/lib/python3.6/site-packages/ldap2pg/role.py", line 309, in resolve_membership
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:     member = index_[member_name]
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script: KeyError: 'hubbledevroot'
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script: During handling of the above exception, another exception occurred:
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script: Traceback (most recent call last):
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:   File "/usr/local/lib/python3.6/site-packages/ldap2pg/script.py", line 37, in main
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:     exit(synchronize(config))
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:   File "/usr/local/lib/python3.6/site-packages/ldap2pg/script.py", line 133, in synchronize
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:     count = manager.sync(syncmap=config['sync_map'])
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:   File "/usr/local/lib/python3.6/site-packages/ldap2pg/manager.py", line 299, in sync
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:     pgallroles.resolve_membership()
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:   File "/usr/local/lib/python3.6/site-packages/ldap2pg/role.py", line 311, in resolve_membership
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:     raise ValueError('Unknown member role %s' % member_name)
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script: ValueError: Unknown member role hubbledevroot
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script: Please file an issue at https://github.com/dalibo/ldap2pg/issues with full log.

blockchain-spark commented 1 year ago

I've listed this role in the blacklist; I'd expect the script to ignore this role.

postgres:
  blacklist:
    - postgres
    - xxxxx

The error on the console is:

Unhandled error:
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/ldap2pg/role.py", line 309, in resolve_membership
    member = index_[member_name]
KeyError: 'xxxxx'
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:
During handling of the above exception, another exception occurred:
2023-08-24 01:09:53,571 ERROR:  ldap2pg.script:
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/ldap2pg/script.py", line 37, in main
    exit(synchronize(config))
  File "/usr/local/lib/python3.6/site-packages/ldap2pg/script.py", line 133, in synchronize
    count = manager.sync(syncmap=config['sync_map'])
  File "/usr/local/lib/python3.6/site-packages/ldap2pg/manager.py", line 299, in sync
    pgallroles.resolve_membership()
  File "/usr/local/lib/python3.6/site-packages/ldap2pg/role.py", line 311, in resolve_membership
    raise ValueError('Unknown member role %s' % member_name)
ValueError: Unknown member role xxxxx

blockchain-spark commented 1 year ago

The DDL for this role is:

CREATE ROLE xxxxx WITH 
    SUPERUSER
    NOCREATEDB
    NOCREATEROLE
    INHERIT
    LOGIN
    NOREPLICATION
    NOBYPASSRLS;

blockchain-spark commented 1 year ago

It runs OK now after I did "revoke oneRole from xxxxx;". Thanks all, I'll close it.
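
An added example, not part of the thread and not ldap2pg's own code: a simplified Python model of the failure shown in the traceback, with a pre-flight check that lists grants like the one revoked above. It assumes blacklisted roles are dropped from the role index while member lists still name them, and that blacklist entries match as globs; every function name and sample row here is constructed.

```python
from fnmatch import fnmatchcase

# Constructed sample: (parent_role, member_role) pairs, as a query over
# pg_auth_members joined to pg_roles would return them.
SAMPLE_MEMBERSHIPS = [
    ("oneRole", "xxxxx"),
    ("oneRole", "alice"),
    ("readers", "alice"),
]
SAMPLE_ROLES = ["postgres", "xxxxx", "oneRole", "readers", "alice"]
SAMPLE_BLACKLIST = ["postgres", "xxxxx"]


def is_blacklisted(name, blacklist):
    # Assumption: blacklist entries are matched as shell-style globs.
    return any(fnmatchcase(name, pattern) for pattern in blacklist)


def build_index(roles, memberships, blacklist):
    """Index managed roles only; their member lists keep every name."""
    index = {r: [] for r in roles if not is_blacklisted(r, blacklist)}
    for parent, member in memberships:
        if parent in index:
            index[parent].append(member)
    return index


def resolve_membership(index):
    """Model of the failing step: every member must itself be indexed."""
    for members in index.values():
        for member_name in members:
            if member_name not in index:
                raise ValueError('Unknown member role %s' % member_name)


def dangling_members(roles, memberships, blacklist):
    """Pre-flight check: grants whose member is blacklisted while the
    parent role is managed. Each pair is a grant to review or revoke."""
    index = build_index(roles, memberships, blacklist)
    return sorted(
        (parent, member)
        for parent, members in index.items()
        for member in members
        if member not in index
    )
```
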