This bug should only affect systems that have been installed in
Intrepid/Jaunty, upgraded to Karmic then Lucid.
Systems installed in Karmic and systems upgrading from Hardy shouldn't
be affected.
** Description changed:
Bug 526230 is back.
I had slapd 2.4.21-0ubuntu4 installed, then "apt-get dist-upgrade",
which pulled in slapd 2.4.21-0ubuntu5. This modified
/etc/ldap/slapd.d/cn=config/olcDatabase={-1}frontend.ldif by adding
duplicate olcAccess lines without any {0} index prefix, causing slapd to
fail to start. This caused:
==========
Setting up slapd (2.4.21-0ubuntu5) ...
- Backing up /etc/ldap/slapd.d/ in /var/backups/slapd-2.4.21-0ubuntu4... done.
+ Backing up /etc/ldap/slapd.d/ in /var/backups/slapd-2.4.21-0ubuntu4... done.
Starting OpenLDAP: slapd - failed.
The operation failed but no output was produced. For hints on what went
wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
try running the daemon in Debug mode like via "slapd -d 16383" (warning:
this will create copious output).
- Below, you can find the command line options used by this script to
+ Below, you can find the command line options used by this script to
run slapd. Do not forget to specify those options if you
want to look to debugging output:
- slapd -h 'ldap:/// ldapi:///' -g openldap -u openldap -F /etc/ldap/slapd.d/
+ slapd -h 'ldap:/// ldapi:///' -g openldap -u openldap -F /etc/ldap/slapd.d/
invoke-rc.d: initscript slapd, action "start" failed.
dpkg: error processing slapd (--configure):
- subprocess installed post-installation script returned error exit status 1
+ subprocess installed post-installation script returned error exit status 1
==========
and:
==========
Apr 27 21:15:16 esk slapd[8805]: @(#) $OpenLDAP: slapd 2.4.21 (Apr 26 2010
11:07:14)
$#012#011bui...@rothera:/build/buildd/openldap-2.4.21/debian/build/servers/slapd
Apr 27 21:15:16 esk slapd[8805]: config error processing
olcDatabase={-1}frontend,cn=config: ordered_value_sort failed on attr
olcAccess#012
Apr 27 21:15:16 esk slapd[8805]: slapd stopped.
==========
due to content:
==========
dn: olcDatabase={-1}frontend
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: {0}to * by
dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by *
break
olcAccess: {0}to * by
dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by *
break
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 0
olcReadOnly: FALSE
olcSchemaDN: cn=Subschema
olcMonitoring: FALSE
olcAccess: to * by dn.exact=cn=localroot,cn=config manage by * break
structuralObjectClass: olcDatabaseConfig
entryUUID: 9d222b1e-24cc-102e-9a29-375c9ad51446
creatorsName: cn=config
createTimestamp: 20090824073643Z
entryCSN: 20090824073643.173347Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20090824073643Z
==========
Note: I tried "apt-get dist-upgrade" a few times to see if the problem
would fix itself before investigating. I think each run added a new
duplicate olcAccess entry without checking for pre-existing entries.
After I deleted the first two olcAccess above, slapd would start again.
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: slapd 2.4.21-0ubuntu5
ProcVersionSignature: Ubuntu 2.6.32-21.32-generic 2.6.32.11+drm33.2
Uname: Linux 2.6.32-21-generic i686
Architecture: i386
Date: Tue Apr 27 21:16:07 2010
ProcEnviron:
- PATH=(custom, user)
- LANG=en_US.utf8
- SHELL=/bin/bash
+ PATH=(custom, user)
+ LANG=en_US.utf8
+ SHELL=/bin/bash
SourcePackage: openldap
+
+ Lucid Release Note:
+
+ == Openldap fails to start on upgrade ==
+
+ When upgrading some systems from Karmic openldap may fail to start by
+ logging messages similar to "ordered_value_sort failed on attr
+ olcAccess#012". To workaround the problem remove the line "olcAccess: to
+ * by dn.exact=cn=localroot,cn=config manage by * break" from
+ /etc/ldap/slapd.d/cn=config/olcDatabase={-1}frontend.ldif and
+ /etc/ldap/slapd./cn=config/olcDatabase={0}config.ldif.
** Changed in: ubuntu-release-notes
Status: New => Confirmed
** Changed in: openldap (Ubuntu)
Status: Confirmed => Triaged
--
slapd 2.4.21-0ubuntu5 corrupts olcDatabase={-1}frontend.ldif with duplicate
olcAccess lines (again)
https://bugs.launchpad.net/bugs/571057
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
