[Pkg-openldap-devel] Bug#432662: slapd.conf group not openldap

Trent W. Buck trentbuck at gmail.com
Wed Jul 11 08:56:15 UTC 2007 

Package: slapd
Version: 2.3.30-5
Severity: normal

Note: I've never used LDAP before, this may be a non-bug.

Following http://wiki.debian.org/OpenLDAPSetup, I tried the following
command (with slapd stopped):

    $ sudo slapindex
    
    WARNING!
    Runnig as root!
    There's a fair chance slapd will fail to start.
    Check file permissions!

slapd runs as the user openldap, so naturally I tried 

    $ sudo -u openldap slapindex
    could not open config file "/etc/ldap/slapd.conf": Permission denied (13)
    slapindex: bad configuration file!

I check the config file:

    $ ls -l /etc/ldap/slapd.conf
    -rw------- 1 root root 4366 2007-07-11 18:37 /etc/ldap/slapd.conf

In #ldap on irc.freenode.net, _ranger_ told me that this file should
be

    -rw-r----- 1 root openldap 4366 2007-07-11 18:37 /etc/ldap/slapd.conf

This wouldn't be a problem if slapd ran as root, but apparently it
runs as the user openldap by default.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-686
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8)

Versions of packages slapd depends on:
ii  adduser                   3.102          Add and remove users and groups
ii  coreutils                 5.97-5.3       The GNU core utilities
ii  debconf [debconf-2.0]     1.5.11         Debian configuration management sy
ii  libc6                     2.3.6.ds1-13   GNU C Library: Shared libraries
ii  libdb4.2                  4.2.52+dfsg-2  Berkeley v4.2 Database Libraries [
ii  libiodbc2                 3.52.4-5       iODBC Driver Manager
ii  libldap-2.3-0             2.3.30-5       OpenLDAP libraries
ii  libltdl3                  1.5.22-4       A system independent dlopen wrappe
ii  libperl5.8                5.8.8-7        Shared Perl library
ii  libsasl2-2                2.1.22.dfsg1-8 Authentication abstraction library
ii  libslp1                   1.2.1-6.2      OpenSLP libraries
ii  libssl0.9.8               0.9.8c-4       SSL shared libraries
ii  libwrap0                  7.6.dbs-13     Wietse Venema's TCP wrappers libra
ii  perl [libmime-base64-perl 5.8.8-7        Larry Wall's Practical Extraction 
ii  psmisc                    22.3-1         Utilities that use the proc filesy

Versions of packages slapd recommends:
ii  libsasl2-modules          2.1.22.dfsg1-8 Pluggable Authentication Modules f

-- debconf information:
  slapd/password_mismatch:
  slapd/fix_directory: true
  slapd/invalid_config: true
  shared/organization: twb.ath.cx
  slapd/upgrade_slapcat_failure:
  slapd/upgrade_slapadd_failure:
  slapd/backend: BDB
  slapd/dump_database: when needed
  slapd/allow_ldap_v2: false
  slapd/no_configuration: false
  slapd/migrate_ldbm_to_bdb: true
  slapd/move_old_database: true
  slapd/suffix_change: false
  slapd/slave_databases_require_updateref:
  slapd/dump_database_destdir: /var/backups/slapd-VERSION
  slapd/autoconf_modules: true
  slapd/purge_database: false
  slapd/domain: twb.ath.cx

More information about the Pkg-openldap-devel mailing list