[Bug 563829] Re: olcAccess are options broken on upgrade in {-1}frontend.ldif
Nathan Stratton Treadway
ubuntu.lp at nathanst.com
Tue Apr 27 17:40:16 BST 2010
It seems like the new slapd.postinst in 2.4.21-0ubuntu5 will cause a
configuration error for upgrades from previous Lucid versions of the
package.
Specifically, up through 2.4.21-0ubuntu4, the postinst script added the following line:
olcAccess: to * by dn.exact=cn=localroot,cn=config manage by * break
to the /etc/ldap/slapd.d/cn=config/olcDatabase={-1}frontend.ldif file (when upgrading from a previous version older than 2.4.17-1ubuntu3).
The new version of the script will add the following line instead (and will do so when upgrading from any prior version of the package):
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
But since there is no attempt to remove the old non-indexed line while
the indexed one is added, slapd will refuse to start with the resulting
frontend.ldif file.
I can't easily run an actual test of this upgrade path myself, but bug
570657 and bug 570533 seem to be consistent with this scenario.
--
olcAccess are options broken on upgrade in {-1}frontend.ldif
https://bugs.launchpad.net/bugs/563829
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.
More information about the Ubuntu-server-bugs
mailing list