2016-01-14 11:30 GMT+01:00 Martin Hamant <[email protected]>: > Le 14/01/2016 10:58, Clément OUDOT a écrit : > > > > > > Le 14/01/2016 10:41, [email protected] a écrit : > >> Hi, > >> > >> I did an apt-get update && apt-get upgrade on a box, then got into the > >> issue described at > >> > http://lists.ltb-project.org/pipermail/ltb-users/2015-December/000653.html > >> > >> > >> > >>> The best is to to a service slapd backupconfig *before* the upgrade. > >>> Stop > >>> OpenLDAP and do the upgrade. > >>> If you forgot to do this before upgrade, > >> Of course, I forgot about doing that ! But tell me, who will not ? :D > >> When upgrading all the packages of a server you can't think of all the > >> special cases that some packages could lead to. This would be a > >> nightmare to maintain ;) > >> > >> Here is a suggestion : why not include a systematic 'backupconfig' prior > >> to every package upgrade ? > > > > > > Why not, but a config can contain sensitive information and we should > > not do that without warning the admin. You can maybe open an issue to > > discuss about that. > > security is a good point, indeed. > I'll do. > > > > > > >>> If you forgot to do this before upgrade, the only way is to edit the > >>> LDIF > >>> files directly in slapd.d/, but you will get this warning: > >>> 566582ef ldif_read_file: checksum error on > >>> "****/slapd.d/cn=config/cn=schema/cn={3}ppolicy.ldif" > >>> > >>> To bypass it, do a service slapd backupconfig and service slapd > >>> restoreconfig > >> What I did is to copy > >> /usr/local/openldap/etc/openldap/schema/ppolicy.ldif to > >> /slapd.d/cn=config/cn=schema/cn={3}ppolicy.ldif then editing the first > >> line from: > >> > >> dn: cn=ppolicy,cn=schema,cn=config > >> > >> to > >> > >> dn: cn=ppolicy > >> > >> Then slapd started without any glitch, so I don't understand why I > >> didn't get the warning you mention. Is it the good way to do it ? > >> > >> Do I need to do anything else or should I consider the issue is solved ? > > > > No, you just completely removed the ppolicy shema as it is no more a > > branch of cn=schema,cn=config. > > > > I'm not so sure. Actually I did this because without any modification to > the slapd.d ppolicy file, I was facing to: > > 56976a64 config error processing > cn=ppolicy,cn=schema,cn=config,cn=schema,cn=config: > > > After modification, to verify I did a 'backupconfig' and I can see the > following appear in the backup file : > > dn: cn=ppolicy,cn=schema,cn=config > objectClass: olcSchemaConfig > cn: ppolicy > (...) > > ( However there is no {X} ordering. ) >
Ok, strange behavior... Clément.
_______________________________________________ ltb-users mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-users
