Your message dated Tue, 29 Jan 2008 20:44:24 -0800
with message-id <[EMAIL PROTECTED]>
and subject line [Bulk] Re: [Bulk] Bug#462813: slapd-2.4.7-3+b1: upgrade -->
Loading the database from the LDIF dump failed
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: slapd-2.4.7-3+b1
Version: 2.4.7-3+b1
Severity: grave
Justification: renders package unusable
I wanted to upgrade my system.:
Backing up /etc/ldap/slapd.conf in /var/backups/slapd-2.3.38-1+lenny1... done.
Upgrading BDB 'checkpoint' options... .
Moving old database directories to /var/backups:
Loading from /var/backups/slapd-2.3.38-1+lenny1:
- directory dc=mydomain,dc=home... failed.
Loading the database from the LDIF dump failed with the following
error while running slapadd:
slapadd: dn="cn=Domain Admins,ou=Groups,dc=mydomain,dc=home" (line=99):
(65) no structural object class provided
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.24amd64-muh13 (PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--- End Message ---
--- Begin Message ---
On Wed, Jan 30, 2008 at 03:12:50AM +0100, RĂ¼diger Kramolisch wrote:
> i am a little bit confused right now about your statement related
> to "structural object class". My config says
> somewhere "structuralObjectClass: posixGroup", or is that unrelated or
> something different?
It's related; the problem is that it *says* structuralObjectClass, but the
schema shows that the object class is non-structural, so this dn can't be
reloaded from the LDIF.
> Maybe the upgrade failure is because i use egroupware which does not like the
> original nis.schema and requires the rfc2307bis.schema, when using ldap
> adressbook?
Yes, that's precisely the issue.
> well here is the output:
> grep include.*schema /etc/ldap/slapd.conf
> include /etc/ldap/schema/core.schema
> include /etc/ldap/schema/cosine.schema
> include /etc/ldap/schema/inetorgperson.schema
> include /etc/ldap/schema/samba.schema
> include /etc/ldap/schema/rfc2307bis.schema
> #include /etc/ldap/schema/nis.schema
> without nis.schema:
> sed -n -e'/posixGroup/,/)/p' \
> $(sed -n -e's/include\s\+\(.*\.schema\)/\1/p' /etc/ldap/slapd.conf)
> # The purpose of it is, to use posixGroup together with groupOfNames
> #
> # uidNumber and gidNumber might be buildin, in that case you
> # need to comment out both (putting a # infront the whole entry)
> objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top AUXILIARY
> DESC 'Abstraction of a group of accounts'
> MUST gidNumber
> MAY ( userPassword $ memberUid $
> description ) )
> sed: #/etc/ldap/schema/nis.schema --> file or folder not found
Right, this shows posixGroup as an auxiliary class. You need to have
exactly one structural object class for each dn in your directory. This is
not a new requirement with OpenLDAP 2.4; I think that if you had tried to
dump and reload your directory for any other reason with the old version of
OpenLDAP, you would have run into this same problem because posixGroup was
structural when the dn was added, but was subsequently changed to auxiliary
when you switched to rfc2307bis.
So my understanding is that, with rfc2307bis, the structural object class
you should use for posix groups is 'groupOfNames'. To fix this properly,
you will need to add an "objectClass: groupOfNames" line to your LDIF backup
for each posixGroup affected by this issue.
As near as I can tell, there is no bug in OpenLDAP here, the server is
functioning exactly as intended and enforcing the schema requirements; so
I'm going to close this report. If you need further help sorting out your
upgrade, feel free to continue following up to the bug.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
[EMAIL PROTECTED] [EMAIL PROTECTED]
--- End Message ---
