Your message dated Tue, 9 Jan 2007 03:38:37 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#406173: slapd upgrade alters configuration files without
asking for permission
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: slapd
Version: 2.3.30-2
Severity: serious
Justification: Policy 10.7.3
Doing "aptitude upgrade slapd" produces the following output, without
any questions:
Installing new version of config file /etc/init.d/slapd ...
Backing up /etc/ldap/slapd.conf in /var/backups/slapd-2.3.29-1... done.
My dpkg.cfg sets "force-confold", so I was not expecting any questions
about new config files - I was expecting my old ones to stay around.
I thought about making this critical since breaking slapd config breaks
logins and nsswitches from *ALL* *MACHINES* using the said slapd for uid and
gid resolution. Luckily the upgraded machine was a replica slapd, not the
primary...
-Juha
-- System Information:
Debian Release: 4.0
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-amd64
Locale: LANG=en_GB.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Versions of packages slapd depends on:
ii adduser 3.99 Add and remove users and groups
ii coreutils 5.97-5 The GNU core utilities
ii debconf [debconf-2.0] 1.5.6 Debian configuration management sy
ii libc6 2.3.6.ds1-4 GNU C Library: Shared libraries
ii libdb4.2 4.2.52+dfsg-1 Berkeley v4.2 Database Libraries [
ii libiodbc2 3.52.4-3 iODBC Driver Manager
ii libldap-2.3-0 2.3.30-2 OpenLDAP libraries
ii libltdl3 1.5.22-4 A system independent dlopen wrappe
ii libperl5.8 5.8.8-6.1 Shared Perl library
ii libsasl2-2 2.1.22.dfsg1-8 Authentication abstraction library
ii libslp1 1.2.1-6 OpenSLP libraries
ii libssl0.9.8 0.9.8c-3 SSL shared libraries
ii libwrap0 7.6.dbs-11 Wietse Venema's TCP wrappers libra
ii perl [libmime-base64-perl 5.8.8-6.1 Larry Wall's Practical Extraction
ii psmisc 22.3-1 Utilities that use the proc filesy
Versions of packages slapd recommends:
ii libsasl2-modules 2.1.19.dfsg1-0.5 Pluggable Authentication Modules f
-- debconf information:
slapd/password_mismatch:
slapd/fix_directory: true
slapd/invalid_config: true
shared/organization:
slapd/upgrade_slapcat_failure:
slapd/upgrade_slapadd_failure:
slapd/backend: BDB
slapd/dump_database: when needed
* slapd/allow_ldap_v2: false
* slapd/no_configuration: true
slapd/migrate_ldbm_to_bdb: false
slapd/move_old_database: true
slapd/suffix_change: false
slapd/slave_databases_require_updateref:
slapd/dump_database_destdir: /var/backups/slapd-VERSION
slapd/autoconf_modules: true
slapd/purge_database: false
slapd/domain:
--- End Message ---
--- Begin Message ---
On Tue, Jan 09, 2007 at 11:20:24AM +0200, Juha Jäykkä wrote:
> Package: slapd
> Version: 2.3.30-2
> Severity: serious
> Justification: Policy 10.7.3
> Doing "aptitude upgrade slapd" produces the following output, without
> any questions:
> Installing new version of config file /etc/init.d/slapd ...
> Backing up /etc/ldap/slapd.conf in /var/backups/slapd-2.3.29-1... done.
> My dpkg.cfg sets "force-confold", so I was not expecting any questions
> about new config files - I was expecting my old ones to stay around.
Only the first of these is a conffile message. "force-confold" only applies
when you have *locally modified* the conffile -- if you haven't, then the
new version of the conffile will be installed automatically.
The second line is part of slapd's support for upgrading the slapd.conf *so
that you aren't left with a version of the config file that's incompatible
with the current version of slapd*. It's not a policy violation to handle
config file syntax changes automatically.
> I thought about making this critical since breaking slapd config breaks
> logins and nsswitches from *ALL* *MACHINES* using the said slapd for uid and
> gid resolution. Luckily the upgraded machine was a replica slapd, not the
> primary...
You've failed to tell us what *broke* for you. On an upgrade from 2.3.29,
the only change that should ever be made is to enable or disable v2 protocol
support as indicated by the admin.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
[EMAIL PROTECTED] http://www.debian.org/
--- End Message ---
