Bug#1010971: openldap breaks sssd autopkgtest: ldap_bind: Invalid credentials
Paul Gevers
elbrus at debian.org
Sat May 14 12:27:54 BST 2022
Source: openldap, sssd
Control: found -1 openldap/2.5.12+dfsg-1
Control: found -1 sssd/2.6.3-3
Severity: serious
Tags: sid bookworm
User: debian-ci at lists.debian.org
Usertags: breaks needs-update
Dear maintainer(s),
With a recent upload of openldap the autopkgtest of sssd fails in
testing when that autopkgtest is run with the binary packages of
openldap from unstable. It passes when run with only packages from
testing. In tabular form:
pass fail
openldap from testing 2.5.12+dfsg-1
sssd from testing 2.6.3-3
versioned deps [0] from testing from unstable
all others from testing from testing
I copied some of the output at the bottom of this report.
Currently this regression is blocking the migration of openldap to
testing [1]. Due to the nature of this issue, I filed this bug report
against both packages. Can you please investigate the situation and
reassign the bug to the right package?
More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation
Paul
[0] You can see what packages were added from the second line of the log
file quoted below. The migration software adds source package from
unstable to the list if they are needed to install packages from
openldap/2.5.12+dfsg-1. I.e. due to versioned dependencies or
breaks/conflicts.
[1] https://qa.debian.org/excuses.php?package=openldap
https://ci.debian.net/data/autopkgtest/testing/amd64/s/sssd/21705563/log.gz
+ . debian/tests/util
+ . debian/tests/common-tests
+ mydomain=example.com
+ myhostname=ldap.example.com
+ mysuffix=dc=example,dc=com
+ admin_dn=cn=admin,dc=example,dc=com
+ admin_pw=secret
+ ldap_user=testuser1
+ ldap_user_pw=testuser1secret
+ ldap_group=ldapusers
+ adjust_hostname ldap.example.com
+ local myhostname=ldap.example.com
+ echo ldap.example.com
+ hostname ldap.example.com
+ grep -qE ldap.example.com /etc/hosts
+ echo 127.0.1.10 ldap.example.com
+ reconfigure_slapd
+ debconf-set-selections
+ rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb
+ dpkg-reconfigure -fnoninteractive -pcritical slapd
Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.5.12+dfsg-1... done.
Moving old database directory to /var/backups:
- directory unknown... done.
Creating initial configuration... done.
Creating LDAP directory... done.
+ generate_certs ldap.example.com
+ local cn=ldap.example.com
+ local cert=/etc/ldap/server.pem
+ local key=/etc/ldap/server.key
+ local cnf=/etc/ldap/openssl.cnf
+ cat
+ openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout
/etc/ldap/server.key -config /etc/ldap/openssl.cnf
Generating a RSA private key
.+++++
........+++++
writing new private key to '/etc/ldap/server.key'
-----
+ chmod 0640 /etc/ldap/server.key
+ chgrp openldap /etc/ldap/server.key
+ [ ! -f /etc/ldap/server.pem ]
+ [ ! -f /etc/ldap/server.key ]
+ enable_ldap_ssl
+ cat
+ cat+ ldapmodify -H ldapi:/// -Y EXTERNAL -Q
modifying entry "cn=config"
+ populate_ldap_rfc2307
+ ldapadd -x -D cn=admin,dc=example,dc=com -w secret
+ cat
ldap_bind: Invalid credentials (49)
autopkgtest [05:16:59]: test ldap-user-group-ldap-auth
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-openldap-devel/attachments/20220514/67b5aa09/attachment.sig>
More information about the Pkg-openldap-devel
mailing list