Bug#394887: [Pkg-openldap-devel] Bug#394887: Index-Files are created as root

Thorsten Schmidt meine_mailings at web.de
Tue Oct 24 20:28:40 CEST 2006 

Hello,

Am Montag, 23. Oktober 2006 20:43 schrieb Quanah Gibson-Mount:
> --On Monday, October 23, 2006 6:48 PM +0200 Thorsten Schmidt
>
> > I noticed that I (slapd? slapindex?) created some index files owned by
> > root by  accident after introducing new index-directives for samba in
> > slapd.conf
> >
> > However, even if I've done terrible wrong by running slapindex as root, I
> > strongly recommend showing a warning message if slapindex is up to
> > produce an  inconsistent database (database, that openldap is unable to
> > read by debian  defaults).
> >
> > Btw. I've set serverity: important, since inconsitent LDAP-DBs might
> > cause  system to fail as a whole. Feel free to set it to wishlist.
>
> Well, the problem definitely stems from running slapindex as root, rather
> than as the openldap user.  There is nothing actually wrong with the
> database that was created, simply fixing the permissions afterward should
> resolve any issues.  If it is not already in the debian documentation, I
> would agree that it needs to be strongly advised that if one intends to use
> the slap* tools, then they need to do it as the same user as OpenLDAP is
> running as, or otherwise they'll run into these types of permissions
> issues.  This really isn't that different from any number of other
> applications that run as their own user.

man slapindex: nothing - slapindex even doesn't support runnig as a different 
user like slapd does
README.Debian.gz: nothing
info: slapindex: nothing

However, I suggest applying the attaced patches.

Greets Thorsten
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch2
Type: text/x-diff
Size: 530 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20061024/46d04cd7/patch2.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch1
Type: text/x-diff
Size: 453 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20061024/46d04cd7/patch1.bin

More information about the Pkg-openldap-devel mailing list