Bug#419560: [Pkg-openldap-devel] Bug#419560: Upgrade problems.

Steve Langasek vorlon at debian.org
Wed Apr 18 11:34:55 UTC 2007 

tags 419560 unreproducible
thanks

On Mon, Apr 16, 2007 at 06:13:01PM +0200, Ola Lundqvist wrote:
> I know that this is not a very good bugreport as I did the upgrade
> yesterday and I write this report from today. However I think it
> could be good to know that there are problems while upgrading.

> I started with a sarge system and upgraded to etch. I do not know
> exactly know which other programs I upgrade at the same time but
> I do not think it was that many, as I selectively upgraded a few
> and slapd was one of the services in the middle.

> This is what I remember:
> 1) I get information that the new user that slapd will run as is
>    openldap.
> 2) On upgrade it can not start slapd as the user do not exist and
>    the upgrade of that package exit.

Sorry, I don't see how this is possible at all, and no one else has reported
seeing this problem on upgrade.  The slapd package depends on adduser, and
the current slapd postinst unconditionally calls:

MODE="$1"               # install, upgrade, etc. - see debian-policy
[...]
if [ "$MODE" = "configure" ]; then
        create_new_user
fi

where create_new_user() does all of the user and group setup.

There are no invocations of invoke-rc.d slapd prior to this anywhere in the
upgrade process, the daemon restart is the last thing done in the postinst;
and nothing but the init script uses the openldap user/group, which is
referenced only from /etc/default/slapd.  So without a log of the *earliest*
stages of this upgrade, I don't see that there's any hope of figuring out
what happened to cause this problem for you.

> 3) The upgrade continue, and now the user is created it chowns
>    a number of files and do convert from old data to the new.
> 4) But the start of slapd do not work well and the upgrade
>    of the package terminates.

Well, again here we would need to know what didn't "work well".

> 10) I now find out that the ldap data directory contain files with
>    root.root permission, and that is the reason why it do not start.

Hmm, this had been reported previously, but I thought we had addressed that
bug...

> I think the main problem is that I have to manually remove the
> data backup directory. I think it should exit silently and not with
> an error.

No, I disagree.  The slapd maintainer scripts are deliberately very
conservative with what they do with all user data.  Inconveniencing users
with a requirement to manually fix up the data directory is better (not
good, but better) than trashing the user's directory by mistake.

> However you are probably better to determine what the real problem is.

> I assume that you can reproduce this way:
> * Install sarge version of slapd
> * Remove the openldap user and group.
> * Upgrade slapd.

No, you cannot.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon at debian.org                                   http://www.debian.org/

More information about the Pkg-openldap-devel mailing list