Public bug reported:

When I install slapd I see a complaint about an apparmor denial. When I try to set up my ldap setup, I see database corruption messages. After this slapd is unusable.

The same setup (as far as I can see) worked in 12.04.

$ lsb_release -rd
Description:    Ubuntu 14.04 LTS
Release:        14.04

$ apt-cache policy slapd
slapd:
  Installed: 2.4.31-1+nmu2ubuntu8
  Candidate: 2.4.31-1+nmu2ubuntu8
  Version table:
 *** 2.4.31-1+nmu2ubuntu8 0
        500 http://gb.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
        100 /var/lib/dpkg/status

$ sudo apt-get purge slapd
<snip>
$ sudo rm -rf /var/lib/ldap/
$ sudo rm -rf /var/lib/slapd/
$ sudo apt-get install slapd
<snip>

$ tail /var/log/syslog
Jun 2 02:31:10 fitpc slapd[15569]: @(#) $OpenLDAP: slapd (Ubuntu) (Mar 17 2014 21:20:08) $#012#011buildd@aatxe:/build/buildd/openldap-2.4.31/debian/build/servers/slapd
Jun 2 02:31:10 fitpc kernel: [10269.219731] type=1400 audit(1401672670.552:184): apparmor="DENIED" operation="open" profile="/usr/sbin/slapd" name="/usr/share/p11-kit/modules/" pid=15569 comm="slapd" requested_mask="r" denied_mask="r" fsuid=119 ouid=0
Jun 2 02:31:10 fitpc slapd[15570]: slapd starting

$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/db.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase={1}hdb,cn=config"

modifying entry "olcDatabase={-1}frontend,cn=config"

modifying entry "olcDatabase={0}config,cn=config"

modifying entry "olcDatabase={0}config,cn=config"

$ tail /var/log/syslog
Jun 2 02:32:28 fitpc slapd[15570]: hdb_db_open: database "dc=balaam,dc=com": unclean shutdown detected; attempting recovery.

$ cat /etc/ldap/db.ldif
###########################################################
# DATABASE SETUP
###########################################################

# Create directory database
dn: olcDatabase={1}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=balaam,dc=com
olcRootDN: cn=admin,dc=balaam,dc=com
olcRootPW: <snip>
olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=balaam,dc=com" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=admin,dc=balaam,dc=com" write by * read
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: uid pres,eq
olcDbIndex: cn,sn,mail pres,eq,approx,sub
olcDbIndex: objectClass eq

###########################################################
# DEFAULTS MODIFICATION
###########################################################
# Some of the defaults need to be modified in order to allow
# remote access to the LDAP config. Otherwise only root
# will have administrative access.

dn: olcDatabase={-1}frontend,cn=config
changetype: modify
delete: olcAccess

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {CRYPT}7hzU8RaZxaGi2

dn: olcDatabase={0}config,cn=config
changetype: modify
delete: olcAccess

** Affects: openldap (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1325446

Title:
  Database corrupted during ldapadd