http://bugzilla.opensuse.org/show_bug.cgi?id=1207718 Bug ID: 1207718 Summary: Salt API LDAP authentication "unhashable type: 'dict'" Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.4 Hardware: Other OS: openSUSE Leap 15.4 Status: NEW Severity: Normal Priority: P5 - None Component: Salt Assignee: salt-maintainers@suse.de Reporter: georg.pfuetzenreuter@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Hi, Authenticating to the Salt REST API via LDAP causes the following: ``` georg@spice ~> curl -iA 'Accept: application/json' -d username=georg -d eauth=ldap --data-urlencode password@file https://spice.syscid.com:4550/login HTTP/1.1 500 Internal Server Error Server: TornadoServer/4.5.3 Content-Type: text/plain Date: Fri, 27 Jan 2023 20:58:17 GMT Content-Length: 352 Set-Cookie: session_id=f4f431461eff34c1fc445084d1a91e914c866cd9a1da7f2cc9050e2258e549a866026a4f8296dad402201ffdcaf4c9c2ff9f3624164193361c046026b8692dfc; Path=/ Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/salt/ext/tornado/web.py", line 1511, in _execute result = method(*self.path_args, **self.path_kwargs) File "/usr/lib/python3.6/site-packages/salt/netapi/rest_tornado/saltnado.py", line 768, in post perms = sorted(list(set(perms))) TypeError: unhashable type: 'dict' Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: [DEBUG ] Attempting LDAP bind with user dn: uid=georg Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: [DEBUG ] Successfully authenticated user dn via LDAP: uid=georg Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: [DEBUG ] LDAP authentication successful Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: [DEBUG ] ldap bind to determine group membership succeeded! Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: [DEBUG ] User georg is a member of groups: ['xxx'] Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: [DEBUG ] LazyLoaded localfs.mk_token Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: [ERROR ] Uncaught exception POST /login (192.168.0.105) Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: HTTPServerRequest(protocol='https', host='spice.syscid.com:4550', method='POST', uri='/login', version='HTTP/1.1', remote_ip='192.168.0.105', headers={'Host': 'spice.syscid.com:4550', 'User-Agent': 'Accept: application/json', 'Accept': '*/*', 'Content-Length': '121', 'Content-Type': 'application/x-www-form-urlencoded'}) Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: Traceback (most recent call last): Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: File "/usr/lib/python3.6/site-packages/salt/ext/tornado/web.py", line 1511, in _execute Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: result = method(*self.path_args, **self.path_kwargs) Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: File "/usr/lib/python3.6/site-packages/salt/netapi/rest_tornado/saltnado.py", line 768, in post Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: perms = sorted(list(set(perms))) Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: TypeError: unhashable type: 'dict' Jan 27 21:58:17 spice.lysergic.dev salt-api[20675]: [ERROR ] 500 POST /login (192.168.0.105) 251.70ms ``` This seems to have been repaired in https://github.com/saltstack/salt/pull/60493. Is there any chance we could get this backported ? Cheers Georg -- You are receiving this mail because: You are on the CC list for the bug.