[Pkg-openldap-devel] Bug#593965: slapd upgrade logic may mail on existing/working slapd.d/ configurations

Peter Marschall peter at adpm.de
Sun Aug 22 17:01:42 UTC 2010 

Package: slapd
Version: 2.4.23-3pm1
Severity: normal
Tags: sid

Hi Matthijs & the openldap maintainers,

The logic for converting the configuration to a slapdd.d based one
currently tests
	previous_version_older 2.4.23-3 || [ -f "${SLAPD_CONF}" ]
I.e. when upgrading from a version before 2.4.23-3 it will trigger.

This makes the following
	mkdir /etc/ldap/slapd.d
fail if the local system already uses slapd.d/ configuration.

I do not think it is a solution to change the mkdir to
	mkdir /etc/ldap/slapd.d  ||  true
because I guess the "slapd -f ... -F ..." then fail.

Unfortunately I do not have a working patch for the situation,
especially as I am trying to achieve ome - maybe contradicting - goals:
- convert to slapd.d/ on upgrade
- do not overwrite existing slapd.d/ when newer than slapd.conf
- allow to keep a slapd.conf based config even after 2.4.23-3 ;-)
Especially the last one will be tricky (maybe it needs to be restricted)

As soon as I have a more detailed idea I'll attach it to this bug.

Best
PEter


-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages slapd depends on:
ii  adduser                   3.112          add and remove users and groups
ii  coreutils                 8.5-1          GNU core utilities
ii  debconf [debconf-2.0]     1.5.35         Debian configuration management sy
ii  libc6                     2.11.2-2       Embedded GNU C Library: Shared lib
ii  libdb4.8                  4.8.30-1       Berkeley v4.8 Database Libraries [
ii  libgnutls26               2.8.6-1        the GNU TLS library - runtime libr
ii  libldap-2.4-2             2.4.23-3pm1    OpenLDAP libraries
ii  libltdl7                  2.2.6b-2       A system independent dlopen wrappe
ii  libperl5.10               5.10.1-14      shared Perl library
ii  libsasl2-2                2.1.23.dfsg1-5 Cyrus SASL - authentication abstra
ii  libslp1                   1.2.1-7.7      OpenSLP libraries
ii  libwrap0                  7.6.q-19       Wietse Venema's TCP wrappers libra
ii  lsb-base                  3.2-23.1       Linux Standard Base 3.2 init scrip
ii  perl [libmime-base64-perl 5.10.1-14      Larry Wall's Practical Extraction 
ii  psmisc                    22.11-1        utilities that use the proc file s
ii  unixodbc                  2.2.14p2-1     ODBC tools libraries

Versions of packages slapd recommends:
ii  libsasl2-modules          2.1.23.dfsg1-5 Cyrus SASL - pluggable authenticat

Versions of packages slapd suggests:
ii  ldap-utils                   2.4.23-3pm1 OpenLDAP utilities

-- Configuration Files:
/etc/default/slapd changed:
SLAPD_CONF="/etc/ldap/slapd.d"
SLAPD_USER="openldap"
SLAPD_GROUP="openldap"
SLAPD_PIDFILE=
SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"
SLAPD_SENTINEL_FILE=/etc/ldap/noslapd
export KRB5_KTNAME="FILE:/etc/ldap/slapd.keytab"
SLAPD_OPTIONS="-o slp=(tree=experimental),(server-type=OpenLDAP),(server-version=2.4.23)"


-- debconf information:
  slapd/tlsciphersuite:
  shared/organization: adpm.de
  slapd/upgrade_slapcat_failure:
  slapd/backend: HDB
  slapd/allow_ldap_v2: false
  slapd/no_configuration: false
  slapd/move_old_database: true
  slapd/suffix_change: false
  slapd/dump_database_destdir: /var/backups/slapd-VERSION
  slapd/domain: adpm.de
  slapd/password_mismatch:
  slapd/invalid_config: true
  slapd/slurpd_obsolete:
  slapd/dump_database: when needed
  slapd/migrate_ldbm_to_bdb: false
  slapd/purge_database: false

More information about the Pkg-openldap-devel mailing list