[Bug 675052] [NEW] Upgrade from hardy (8.04) to lucid (10.04) sets bad permissions on olcDatabase={-1}frontend, cn=config
AlainKnaff
675052 at bugs.launchpad.net
Sat Nov 13 23:49:31 GMT 2010
Public bug reported:
When upgrading from hardy to lucid, the following permissions are set on
the frontend :
# {-1}frontend, config
dn: olcDatabase={-1}frontend,cn=config
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
,cn=auth manage by * break
instead of:
dn: olcDatabase={-1}frontend,cn=config
olcAccess: {0}to * by dn.exact="dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external" manage by * break
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to dn.base="cn=subschema" by * read
The result of this is that the rootDse cannot be loaded by the anon user (testable using ldapsearch -x -b "" -s base "+"), which prevents SASL binds with Unix user from working (ldapsearch -U user ....)
** Affects: openldap (Ubuntu)
Importance: Undecided
Status: New
--
Upgrade from hardy (8.04) to lucid (10.04) sets bad permissions on olcDatabase={-1}frontend,cn=config
https://bugs.launchpad.net/bugs/675052
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.
More information about the Ubuntu-server-bugs
mailing list