Le 14/01/2016 10:58, Clément OUDOT a écrit :
>
>
> Le 14/01/2016 10:41, [email protected] a écrit :
>> Hi,
>>
>> I did an apt-get update && apt-get upgrade on a box, then got into the
>> issue described at
>> http://lists.ltb-project.org/pipermail/ltb-users/2015-December/000653.html
>>
>>
>>
>>> The best is to to a service slapd backupconfig *before* the upgrade.
>>> Stop
>>> OpenLDAP and do the upgrade.
>>> If you forgot to do this before upgrade,
>> Of course, I forgot about doing that ! But tell me, who will not ? :D
>> When upgrading all the packages of a server you can't think of all the
>> special cases that some packages could lead to. This would be a
>> nightmare to maintain ;)
>>
>> Here is a suggestion : why not include a systematic 'backupconfig' prior
>> to every package upgrade ?
>
>
> Why not, but a config can contain sensitive information and we should
> not do that without warning the admin. You can maybe open an issue to
> discuss about that.
security is a good point, indeed.
I'll do.
>
>
>>> If you forgot to do this before upgrade, the only way is to edit the
>>> LDIF
>>> files directly in slapd.d/, but you will get this warning:
>>> 566582ef ldif_read_file: checksum error on
>>> "****/slapd.d/cn=config/cn=schema/cn={3}ppolicy.ldif"
>>>
>>> To bypass it, do a service slapd backupconfig and service slapd
>>> restoreconfig
>> What I did is to copy
>> /usr/local/openldap/etc/openldap/schema/ppolicy.ldif to
>> /slapd.d/cn=config/cn=schema/cn={3}ppolicy.ldif then editing the first
>> line from:
>>
>> dn: cn=ppolicy,cn=schema,cn=config
>>
>> to
>>
>> dn: cn=ppolicy
>>
>> Then slapd started without any glitch, so I don't understand why I
>> didn't get the warning you mention. Is it the good way to do it ?
>>
>> Do I need to do anything else or should I consider the issue is solved ?
>
> No, you just completely removed the ppolicy shema as it is no more a
> branch of cn=schema,cn=config.
>
I'm not so sure. Actually I did this because without any modification to
the slapd.d ppolicy file, I was facing to:
56976a64 config error processing
cn=ppolicy,cn=schema,cn=config,cn=schema,cn=config:
After modification, to verify I did a 'backupconfig' and I can see the
following appear in the backup file :
dn: cn=ppolicy,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: ppolicy
(...)
( However there is no {X} ordering. )
--
Martin Hamant
IT Administrator OW2 www.ow2.org
C: +33 951 736 979 F: +33 177 725 763
The open source community for infrastructure software
_______________________________________________
ltb-users mailing list
[email protected]
http://lists.ltb-project.org/listinfo/ltb-users
