Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

The upgrade task for magic-users.properties fails because of the read-only attribute

Description

In NMS-9109, a few problems have been fixed due to .rpmnew and its Debian sibling.

I've created a VM with 18.0.4, started OpenNMS, added some users, and also updated magic-users.properties to add some of those new users to different roles.

Then, I stopped OpenNMS, and upgraded to 19.0.1.

Here is what I found:

- Running execution phase Moving security roles into users.xml... Warning: can't perform the upgrade operation because: Can't fix configuration because The attribute 'read-only' appears illegally on element 'user'.

Indeed, the read-only attribute was removed from the XSD as part of the magic-users refactoring. The problem is that because this attribute exist on older versions of OpenNMS, it has to be removed prior trying to parse users.xml using JAXB with the new code.

This doesn't seem to be the case, as the error wouldn't exist. For this reason, the upgrade task needs a pre-parser to remove that attribute, in other words, the equivalent of:

sed -i 's/ read-only="[^"]*"//' users.xml

And, then it can continue with its operation.

Now, the actual use case should be, pre-parse without JAXB the XML to see which users have read-only="true", and assign ROLE_READONLY accordingly.

Interestingly, it seems that the upgrade task has code to do what I've described above as part of the work for HZN-871, but for some reason it is still failing, so the current implementation has to be revisited.

Acceptance / Success Criteria

None

Lucidchart Diagrams

Activity

Show:

Alejandro Galue August 22, 2018 at 4:02 PM
Edited

On an upgrade from Meridian 2015 to Meridian 2017, the upgrade task failed ...

Processing MagicUsersMigratorOffline: Moves security roles from magic-users.properties into the users.xml file: HZN-871 - Running pre-execution phase Backing up /opt/opennms/etc/magic-users.properties.rpmsave Zipping /opt/opennms/etc/magic-users.properties.rpmsave Backing up /opt/opennms/etc/users.xml Zipping /opt/opennms/etc/users.xml - Running execution phase Moving security roles into users.xml... Warning: can't perform the upgrade operation because: Can't fix configuration because Failed to marshal/unmarshal XML file while unmarshalling an object (Userinfo): javax.xml.bind.UnmarshalException - with linked exception: [Exception [EclipseLink-25004] (Eclipse Persistence Services - 2.5.1.v20130918-f2b9fc5): org.eclipse.persistence.exceptions.XMLMarshalException Exception Description: An error occurred unmarshalling the document Internal Exception: org.xml.sax.SAXParseException; lineNumber: 15; columnNumber: 33; cvc-complex-type.3.2.2: Attribute 'read-only' is not allowed to appear in element 'user'.]; nested exception is javax.xml.bind.UnmarshalException - with linked exception: [Exception [EclipseLink-25004] (Eclipse Persistence Services - 2.5.1.v20130918-f2b9fc5): org.eclipse.persistence.exceptions.XMLMarshalException Exception Description: An error occurred unmarshalling the document Internal Exception: org.xml.sax.SAXParseException; lineNumber: 15; columnNumber: 33; cvc-complex-type.3.2.2: Attribute 'read-only' is not allowed to appear in element 'user'.] - Executing rollback phase Restoring backup /opt/opennms/etc/magic-users.properties.rpmsave.zip Unzipping to /opt/opennms/etc/magic-users.properties.rpmsave Restoring backup /opt/opennms/etc/users.xml.zip Unzipping to /opt/opennms/etc/users.xml - Running post-execution phase Removing config file (RPM version) /opt/opennms/etc/magic-users.properties.rpmsave

The content of the users.xml was:

<?xml version="1.0" encoding="UTF-8"?> <userinfo xmlns="http://xmlns.opennms.org/xsd/users">     <header>         <rev>.9</rev>         <created>Thursday, November 3, 2011 9:28:08 PM GMT</created>         <mstation>master.nmanage.com</mstation>     </header>     <users>         <user>             <user-id>admin</user-id>             <full-name>Administrator</full-name>             <user-comments>Default administrator, do not delete</user-comments>             <password>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</password>         </user>         <user read-only="false">             <user-id>guest</user-id>             <full-name>Guest Account</full-name>             <user-comments></user-comments>             <password salt="true">xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</password>             <contact type="email" info=""/>             <contact type="pagerEmail" info=""/>             <contact type="xmppAddress" info=""/>             <contact type="microblog" info=""/>             <contact type="numericPage" info="" serviceProvider=""/>             <contact type="textPage" info="" serviceProvider=""/>             <contact type="workPhone" info=""/>             <contact type="mobilePhone" info=""/>             <contact type="homePhone" info=""/>         </user>     </users> </userinfo>

Alejandro Galue April 5, 2017 at 4:42 PM
Edited

Interestingly, I can't reproduce the problem on latest foundation-2017 through a JUnit test:

Backing up target/home/etc/magic-users.properties Zipping /Users/agalue/Development/opennms/git/develop/core/upgrade/target/home/etc/magic-users.properties Backing up target/home/etc/users.xml Zipping /Users/agalue/Development/opennms/git/develop/core/upgrade/target/home/etc/users.xml Warning: User manager has read-only flag Removing the read-only flags from users.xml Moving security roles into users.xml... Loading configured user: admin... Loading configured user: agalue... Loading configured user: jmx_operator... Loading configured user: manager... Loading configured user: operator... Adding role ROLE_RTC to user rtc Adding role ROLE_ADMIN to user admin Warning: User iphone doesn't exist on users.xml, Ignoring. Adding role ROLE_JMX to user jmx_operator Adding role ROLE_MEASUREMENTS to user agalue Adding role ROLE_USER to user agalue Warning: ROLE_MEASUREMENTS is a custom role. Creating security-roles.properties with roles: measurements Adding role ROLE_READONLY to user manager Adding role ROLE_USER to user manager Removing original config file target/home/etc/magic-users.properties

And here is what I'm using:

<?xml version="1.0" encoding="UTF-8"?> <userinfo xmlns="http://xmlns.opennms.org/xsd/users"> <header> <rev>.9</rev> <created>Friday, September 9, 2016 3:07:53 PM GMT</created> <mstation>master.nmanage.com</mstation> </header> <users> <user read-only="false"> <user-id>admin</user-id> <full-name>Administrator</full-name> <user-comments>Default administrator, do not delete</user-comments> <password>21232F297A57A5A743894A0E4A801FC3</password> </user> <user read-only="false"> <user-id>agalue</user-id> <full-name>Alejandro Galue</full-name> <user-comments></user-comments> <password>21232F297A57A5A743894A0E4A801FC3</password> </user> <user read-only="false"> <user-id>operator</user-id> <full-name>Operator</full-name> <user-comments></user-comments> <password>21232F297A57A5A743894A0E4A801FC3</password> </user> <user read-only="true"> <user-id>manager</user-id> <full-name>Operator</full-name> <user-comments></user-comments> <password>21232F297A57A5A743894A0E4A801FC3</password> </user> <user read-only="false"> <user-id>jmx_operator</user-id> <full-name>JMX Operator (for JMX Remote Access Only)</full-name> <user-comments></user-comments> <password>21232F297A57A5A743894A0E4A801FC3</password> </user> </users> </userinfo>

In fact, the migration in that scenario is working.

I'm wondering why that fails in 19.0.1. In theory 19.0.1 should have that change.

Fixed

Details

Assignee

Reporter

Components

Sprint

Fix versions

Affects versions

Priority

PagerDuty

Created April 5, 2017 at 4:31 PM
Updated August 24, 2018 at 2:56 PM
Resolved August 24, 2018 at 2:56 PM

Flag notifications