https://bugs.openldap.org/show_bug.cgi?id=9811
Issue ID: 9811
Summary: slapadd silently fails when importing ldif file
including another one
Product: OpenLDAP
Version: 2.5.11
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
This issue is about openldap 2.5.11. (not tested on 2.6)
When importing a new configuration from an ldif file, for example by this
command:
slapadd -n0 -F /usr/local/openldap/etc/openldap/slapd.d -l
/var/backups/openldap/config-00000000000000.ldif
the command answers by a 0 result code but the cn=config database is not fully
imported.
Also there is no special message displayed.
The complete config-00000000000000.ldif file is below.
The problem is in the custom.ldif included from config-00000000000000.ldif
For example, the problem appears if the custom.ldif is this one:
```
# Custom ldif schema
```
or if the custom.ldif is that one (with an end-of-line at the end):
```
# Custom ldif schema
dn: cn=custom,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: custom
```
The expected behaviour should be to return an error code, and to display the
corresponding message on stdout.
Here is the full config-00000000000000.ldif file:
```
dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: slapd.conf
olcConfigDir: slapd.d
olcArgsFile: /usr/local/openldap/var/run/slapd.args
olcAttributeOptions: lang-
olcAuthzPolicy: none
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcListenerThreads: 1
olcLocalSSF: 71
olcPidFile: /usr/local/openldap/var/run/slapd.pid
olcReadOnly: FALSE
olcSaslHost: 127.0.0.1
olcSaslSecProps: none
olcServerID: 1
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTLSCACertificateFile: /etc/ssl/certs/ca-certificates.crt
olcTLSCertificateFile: /etc/ssl/certs/ssl-cert-snakeoil.pem
olcTLSCertificateKeyFile: /etc/ssl/private/ssl-cert-snakeoil.key
olcTLSCRLCheck: none
olcTLSVerifyClient: allow
olcTLSProtocolMin: 3.3
olcToolThreads: 1
olcWriteTimeout: 0
olcLogLevel: stats
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/local/openldap/lib64/:/usr/local/openldap/libexec/openldap/
olcModuleLoad: argon2.la
olcModuleLoad: pw-pbkdf2.la
olcModuleLoad: back_mdb.la
olcModuleLoad: dynlist.la
olcModuleLoad: ppolicy.la
olcModuleLoad: syncprov.la
olcModuleLoad: unique.la
olcModuleLoad: refint.la
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
include: file:///usr/local/openldap/etc/openldap/schema/core.ldif
include: file:///usr/local/openldap/etc/openldap/schema/cosine.ldif
include: file:///usr/local/openldap/etc/openldap/schema/nis.ldif
include: file:///usr/local/openldap/etc/openldap/schema/inetorgperson.ldif
include: file:///usr/local/openldap/etc/openldap/schema/dyngroup.ldif
include: file:///usr/local/openldap/etc/openldap/schema/custom.ldif
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: to * by
dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by *
break
olcAccess: to dn.base="" by * read
olcAccess: to dn.base="cn=Subschema" by * read
olcAccess: to * by self write by users read by anonymous auth
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 0
olcReadOnly: FALSE
olcSchemaDN: cn=Subschema
olcSecurity: ssf=128
olcSizeLimit: 500
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE
olcPasswordHash: {ARGON2}
olcSortVals: member
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by * none
olcAddContentAcl: TRUE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=admin,cn=config
olcRootPW:
{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$eBzdIP+Zv/H/TmAw0xTXOg$JNQR9asBjEX5XYcTuqygvIY5S3iH43uqaqWQa9e0jNU
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE
dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /usr/local/openldap/var/openldap-data
olcSuffix: dc=my-organization,dc=com
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=admin,dc=my-organization,dc=com
olcRootPW:
{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$22H7iUTEuPMmwYnLr07PjQ$257rNncoS6L/k4HUXmROU7p2SfinVjfjFeUz4pK8gEw
olcSyncUseSubentry: FALSE
olcLastBind: TRUE
olcMonitoring: TRUE
olcDbIndex: objectClass eq
olcDbIndex: entryUUID eq
olcDbIndex: entryCSN eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbMaxSize: 4294967296
dn: olcOverlay={0}syncprov,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 100 10
olcSpSessionlog: 100
dn: olcOverlay={1}ppolicy,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcPPolicyConfig
olcOverlay: {1}ppolicy
olcPPolicyDefault: cn=default,ou=ppolicies,dc=my-organization,dc=com
olcPPolicyHashCleartext: TRUE
olcPPolicyUseLockout: TRUE
dn: olcOverlay={2}refint,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcRefintConfig
olcOverlay: {2}refint
olcRefintAttribute: member
olcRefintNothing: cn=nothing,dc=my-organization,dc=com
dn: olcOverlay={3}dynlist,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcDynamicList
olcOverlay: {3}dynlist
olcDlAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames*
dn: olcDatabase={2}monitor,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {2}monitor
olcRootDN: cn=monitor
olcRootPW:
{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$f1aoIjM0CjWwGIyBAsjzyw$j+1bYxs+CYOPR2lXrvamB7yFzSX/nNMiVwIn7vwPRVw
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE
```
--
You are receiving this mail because:
You are on the CC list for the issue.
