Bug#921953: apacheds: Further analysis
tony mancill
tmancill at debian.org
Tue Feb 19 01:49:59 GMT 2019
On Sun, Feb 10, 2019 at 09:25:30PM +0100, Johan Grip wrote:
> Hi.
>
> Looked at it a bit more and found the following things.
>
> ApacheDS have moved it's configuration to a dynamic schema based setup, like
> OpenLDAP.
> As part of the startup it tries to migrate the config.ldif to a folder based
> setup
> in ou=config. Since the user it runs as doesn't have write permission for
> /etc/apacheds
> it fails and then gives up starting.
>
> Additionally, once the permission issue is sorted the current systemd unit
> checks for the
> existance of the config.ldif file which will be renamed as part of the
> migration so it will
> not start the server.
>
> The patch below fixes both but I'm not sure if services are supposed to
> write in /etc.
Hi Johan,
Thank you for the analysis and the patch. I adjusted the permissions
slightly based on [1]. I'm not completely sure that the directory
shouldn't also be world-readable given that the configuration created by
apacheds when it does start correctly is world readable anyway, but I
didn't change that. Also, as I interpret Debian Policy 10.7.2 [2], the
files are in the desired location.
Since I'm not normally an uploader of apacheds, I'm going to give the
normal uploaders a couple days to comment before proceeding. I am keen
on getting this RC bug addressed, since it will remove several other
packages from Debian, including zookeeper.
Cheers,
tony
[1] https://www.debian.org/doc/debian-policy/ch-files.html#permissions-and-owners
[2] https://www.debian.org/doc/debian-policy/ch-files.html#location
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-maintainers/attachments/20190218/71be6b09/attachment.sig>
More information about the pkg-java-maintainers
mailing list