Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Code in "password_providers" is loaded, even if disabled

See original GitHub issue

Description

I am (successfully) using a custom password provider for matrix-synapse:

password_providers:
  - module: "grouprise.auth.matrix_synapse_auth_grouprise.GroupriseAuthProvider"
    config:
      enabled: true
      settings_filename: /etc/grouprise/settings.py

The above snippets works as expected.

But when I disable the password provider (enabled: false), the python module is still loaded and the above class (GroupriseAuthProvider) is still initialized.

In order to prevent matrix-synapse from initializing the class, I need to comment/remove the above configuration snippet completely.

Steps to reproduce

  • add a minimal (broken) configuration snippet to the synapse configuration:
password_providers:
  - module: "foo.bar"
    config:
      enabled: false
  • restart matrix-synapse
  • take a look at the logs and discover the following lines:
Traceback (most recent call last):
  File "/usr/lib/python3.7/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/lib/python3.7/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/usr/lib/python3/dist-packages/synapse/app/homeserver.py", line 507, in <module>
    main()
  File "/usr/lib/python3/dist-packages/synapse/app/homeserver.py", line 502, in main
    hs = setup(sys.argv[1:])
  File "/usr/lib/python3/dist-packages/synapse/app/homeserver.py", line 333, in setup
    "Synapse Homeserver", config_options
  File "/usr/lib/python3/dist-packages/synapse/config/_base.py", line 727, in load_or_generate_config
    config_dict, config_dir_path=config_dir_path, data_dir_path=data_dir_path
  File "/usr/lib/python3/dist-packages/synapse/config/_base.py", line 749, in parse_config_dict
    data_dir_path=data_dir_path,
  File "/usr/lib/python3/dist-packages/synapse/config/_base.py", line 374, in invoke_all
    res[name] = getattr(config, func_name)(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/synapse/config/password_auth_providers.py", line 49, in read_conf
    ("password_providers", "<item %i>" % i),
  File "/usr/lib/python3/dist-packages/synapse/util/module_loader.py", line 49, in load_module
    module = importlib.import_module(module)
  File "/usr/lib/python3.7/importlib/__init__.py", line 127, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
  File "<frozen importlib._bootstrap>", line 983, in _find_and_load
  File "<frozen importlib._bootstrap>", line 965, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'foo'

Instead of the above behavior, I expected synapse to ignore the disabled password_provider completely (i.e. not importing the module).

Version information

  • Version: 1.28.0-1~bpo10+2
  • Install method: Debian package (buster-backports)

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:9 (5 by maintainers)

github_iconTop GitHub Comments

1reaction
richvdhcommented, Jun 16, 2021

the config block (including the enabled setting shown here) contains options for the module, so of course we have to load the module, so that we can pass the option in. As it happens, some modules (including LdapAuthProvider) require an enabled option to enable them, though personally I think that is a misfeature. There is certainly nothing that says all modules need to implement enabled, nor that it necessarily means the same to all modules.

In short, I think having Synapse inspect the supposedly module-specific options and apply magic behaviour if there is one called enable would be extremely confusing.

If you want a way to temporarily avoid loading the password provider, just rename password_providers to something like _x_password_providers that will be ignored by Synapse.

0reactions
gramakricommented, Jul 24, 2021

I opened https://github.com/matrix-org/matrix-synapse-ldap3/issues/124 for the invalid server address.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Docker: Zyborg.PassCore.PasswordProvider.LDAP not found
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity...
Read more >
html - How can a site instantly detect that javascript has been ...
Normally, when a page is loaded, and the browser has Javascript disabled, we use the <noscript> tag to write something like a warning...
Read more >
API reference - Apache Druid
Returns the number of segments not yet loaded for each tier until all segments loading in the cluster are available. The result includes...
Read more >
Can module loading be globally disabled on modern Linux ...
As mentioned, this should be used with kexec_load_disabled if the goal is to control which code is active in kernelspace: kexec_load_disabled :.
Read more >
Google Cloud metrics - Monitoring
metric_type : Name of the resource the autoscaling is based on - "cpu", "load balancing" or full metric name in domain-and-path format if...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Wrong e-mail address in `From` field with non-ascii characters

Next page

Restrict the rooms a guest can join