Alex M via FreeIPA-users wrote:
> Martin, 
> 
> After some tests, i found that  the value for  the 
> nsslapd-sasl-max-buffer-size is reset to default (2097152) during 
> installation. It is correct? 
> 
> ipa-server-install -d  --dirsrv-config-file=update.ldif
> 
> update.ldif
> 
> dn: cn=config
> changetype: modify
> replace: nsslapd-maxsasliosize
> nsslapd-maxsasliosize: 10485760
> -
> replace: nsslapd-sasl-max-buffer-size
> nsslapd-sasl-max-buffer-size: 10485760
> 
> or 
> 
> dn: cn=config
> changetype: modify
> replace: nsslapd-maxsasliosize
> nsslapd-maxsasliosize: 10485760
> dn: cn=config
> changetype: modify
> replace: nsslapd-sasl-max-buffer-size
> nsslapd-sasl-max-buffer-size: 10485760
> 
> I've tried both.
> 
> Log files:
> 
> From ipaserver-install.log (Centos 7.4)
> ~
> 2018-02-12T16:52:38Z DEBUG nsslapd-sasl-max-buffer-size:
> 2018-02-12T16:52:38Z DEBUG    10485760
> ~
> 2018-02-12T16:52:38Z DEBUG only: set nsslapd-sasl-max-buffer-size to 
> '2097152', current value [u'10485760']
> 2018-02-12T16:52:38Z DEBUG only: updated value [u'2097152']
> 2018-02-12T16:52:38Z DEBUG ---------------------------------------------
> 2018-02-12T16:52:38Z DEBUG Final value after applying updates
> ~
> 2018-02-12T16:52:38Z DEBUG nsslapd-sasl-max-buffer-size:
> 2018-02-12T16:52:38Z DEBUG    2097152
> ~
> 2018-02-12T16:52:38Z DEBUG [(2, u'nsslapd-sasl-max-buffer-size', 
> [u'2097152'])]
> 2018-02-12T16:52:38Z DEBUG Updated 1
> 2018-02-12T16:52:38Z DEBUG Done
> 2018-02-12T16:52:38Z DEBUG Updating existing entry: cn=config
> ~
> 2018-02-12T16:52:38Z DEBUG nsslapd-sasl-max-buffer-size:
> 2018-02-12T16:52:38Z DEBUG    2097152
> 
> The same for the Fedora 27 ipaserver-nstall.log:
> ~
> 2018-02-13T10:45:57Z DEBUG nsslapd-sasl-max-buffer-size:
> 2018-02-13T10:45:57Z DEBUG    10485760
> ~
> 2018-02-13T10:45:57Z DEBUG    (targetattr != aci)(version 3.0; aci "cert 
> manager read access"; allow (read, search, compare) userdn = 
> "ldap:///uid=pkidbuser,ou=people,o=ipaca";;)
> 2018-02-13T10:45:57Z DEBUG only: set nsslapd-sasl-max-buffer-size to 
> '2097152', current value ['10485760']
> 2018-02-13T10:45:57Z DEBUG only: updated value ['2097152']
> ~
> 2018-02-13T10:45:58Z DEBUG nsslapd-sasl-max-buffer-size:
> 2018-02-13T10:45:58Z DEBUG    2097152
> ~
> 2018-02-13T10:45:58Z DEBUG    (targetattr != aci)(version 3.0; aci "cert 
> manager read access"; allow (read, search, compare) userdn = 
> "ldap:///uid=pkidbuser,ou=people,o=ipaca";;)
> 2018-02-13T10:45:58Z DEBUG [(2, 'nsslapd-sasl-max-buffer-size', ['2097152'])]
> 2018-02-13T10:45:58Z DEBUG Updated 1
> 2018-02-13T10:45:58Z DEBUG Done
> 2018-02-13T10:45:58Z DEBUG Updating existing entry: cn=config
> ~
> 2018-02-13T10:45:58Z DEBUG nsslapd-sasl-max-buffer-size:
> 2018-02-13T10:45:58Z DEBUG    2097152

This shows that an LDAP update file in IPA is making the change but I
can't seem to find that in the source tree.

Can you provide more context to the logging? Look for "Parsing update
file '<foo>'" in the lines before this.

rob
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to