[Bug 667597] [NEW] conf.d directory not a configuration directory

Will Dowling 667597 at bugs.launchpad.net
Thu Oct 28 05:25:25 BST 2010


Public bug reported:

# cat /etc/issue
Ubuntu 10.04.1 LTS \n \l

# apt-cache policy slapd
slapd:
  Installed: 2.4.21-0ubuntu5.3
  Candidate: 2.4.21-0ubuntu5.3
  Version table:
 *** 2.4.21-0ubuntu5.3 0
        500 ftp://10.1.4.17/ubuntu/ lucid-updates/main Packages
        100 /var/lib/dpkg/status
     2.4.21-0ubuntu5.2 0
        500 ftp://10.1.4.17/ubuntu/ lucid-security/main Packages
     2.4.21-0ubuntu5 0
        500 ftp://10.1.4.17/ubuntu/ lucid/main Packages


PROBLEM DESCRIPTION:

The slapd package deploys the cn=config directory
/etc/ldap/slapd.d/cn=config

Howard Chu, Chief Architect of the OpenLDAP project has publicly stated
that the slapd.d directory is a configuration DATABASE and is not user-
editable[1].

The placement of this configuration database under /etc/ violates the
Debian Filesystem Hierarchy Standard v2.3 [2] to which Ubuntu also
adheres [3].

This is confusing for administrators migrating to the new cn=config and
can lead them to editing the database directly, which is not documented
nor intended.


SUGGESTED FIX:
    * Ensure that slapd creates the configuration database somewhere under /var/lib
    * Ensure that the slapd package's postinst does not modify the configuration database directly
    * Ensure that the /etc/default/slapd file sets the SLAPD_CONF variable to the new location of the configuration database


NOTES:

This may need to be reported to the upstream Debian maintainers, however
it is my understanding that lenny still uses slapd.conf (and I have not
had time to test an unstable/testing box or inspect the source package,
yet).


[1] http://www.openldap.org/lists/openldap-technical/201009/msg00023.html
[2] http://www.debian.org/doc/packaging-manuals/fhs/fhs-2.3.html
[3] http://people.canonical.com/~cjwatson/ubuntu-policy/policy.html/ch-opersys.html#s-fhs

** Affects: openldap (Ubuntu)
     Importance: Undecided
         Status: New

-- 
conf.d directory not a configuration directory
https://bugs.launchpad.net/bugs/667597
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.



More information about the Ubuntu-server-bugs mailing list