[Bug 257667] Re: wrong permissions to access ldapi
This bug was fixed in the package openldap - 2.4.11-0ubuntu4 --- openldap (2.4.11-0ubuntu4) intrepid; urgency=low * debian/slapd.postinst, debian/slapd.script-common: set correct ownership and permissions on /var/lib/ldap, /etc/ldap/slapd.d (group readable) and /var/run/slapd (world readable). (LP: #257667). * debian/slapd.script-common: - Fix package reconfiguration: + Remove slapd.d/ directory if it already exists when creating a new configuration. + Fix backup directory naming for multiple reconfiguration. -- Mathias Gug [EMAIL PROTECTED] Wed, 24 Sep 2008 21:01:42 -0400 ** Changed in: openldap (Ubuntu) Status: Triaged = Fix Released -- wrong permissions to access ldapi https://bugs.launchpad.net/bugs/257667 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 257667] Re: wrong permissions to access ldapi
You are right Javier. However, I'd suggest to always fix the permission in the init script just after the ownership are set. It's simpler. ** Changed in: openldap (Ubuntu) Status: Confirmed = Triaged ** Changed in: openldap (Ubuntu) Target: None = ubuntu-8.10-beta -- wrong permissions to access ldapi https://bugs.launchpad.net/bugs/257667 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 257667] Re: wrong permissions to access ldapi
Thanks for your bug report. Your debdiff doesn't work as expected as /var/run is a tmpfs directory and is recreated every time the system is booted. Moreover, according the init script /etc/init.d/slapd, the symlink is there to maintain backward compatibility with openldap 2.1 client libraries: # Backward compatibility with OpenLDAP 2.1 client libraries. if [ ! -h /var/run/ldapi ] [ ! -e /var/run/ldapi ] ; then ln -s slapd/ldapi /var/run/ldapi fi ** Changed in: openldap (Ubuntu) Importance: Undecided = Medium Status: New = Confirmed -- wrong permissions to access ldapi https://bugs.launchpad.net/bugs/257667 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 257667] Re: wrong permissions to access ldapi
Hi Mathias, Thanks for taking care of this. Yes, /var/run is recreated every time the system is booted, but that's fine because /etc/init.d/slapd does the work ok: # Make sure the pidfile directory exists with correct permissions piddir=`dirname $SLAPD_PIDFILE` if [ ! -d $piddir ]; then mkdir -p $piddir [ -z $SLAPD_USER ] || chown -R $SLAPD_USER $piddir [ -z $SLAPD_GROUP ] || chgrp -R $SLAPD_GROUP $piddir fi So as there's no umask the permissions for $piddir will be fine. The issue comes up between the first time the package is installed and the first boot. That's what my debdiff tries to address. -- wrong permissions to access ldapi https://bugs.launchpad.net/bugs/257667 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 257667] Re: wrong permissions to access ldapi
** Attachment added: This debdiff fixes the issue http://launchpadlibrarian.net/16746946/slapd.diff -- wrong permissions to access ldapi https://bugs.launchpad.net/bugs/257667 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs