@Nathan: yes, rereading the slapd.access manpage I think you're right,
the first match will define level of access:
Access control checking stops at the first match of the what and
who clause, unless otherwise dictated by the control clause.
Also, given that:
Each who clause list is
See bug 559070 (targeted to Lucid) for followup
--
slapd package configuration aborts due to ordered_value_sort failed on attr
olcAccess error during Hardy - Lucid upgrade
https://bugs.launchpad.net/bugs/538516
You received this bug notification because you are a member of Ubuntu
Server Team,
@Nathan: yes, rereading the slapd.access manpage I think you're right,
the first match will define level of access:
Access control checking stops at the first match of the what and
who clause, unless otherwise dictated by the control clause.
Also, given that:
Each who clause list is
See bug 559070 (targeted to Lucid) for followup
--
slapd package configuration aborts due to ordered_value_sort failed on attr
olcAccess error during Hardy - Lucid upgrade
https://bugs.launchpad.net/bugs/538516
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Using this new version of the slapd.postinst script, the cn=config
database ends up with these two oldAccess attributes:
$ sudo slapcat -bcn=config -solcDatabase={0}config,cn=config | grep
olcAccess
olcAccess: {0}to * by * none
olcAccess: {1}to * by dn.exact=cn=localroot,cn=config manage by *
Using this new version of the slapd.postinst script, the cn=config
database ends up with these two oldAccess attributes:
$ sudo slapcat -bcn=config -solcDatabase={0}config,cn=config | grep
olcAccess
olcAccess: {0}to * by * none
olcAccess: {1}to * by dn.exact=cn=localroot,cn=config manage by *
** Changed in: openldap (Ubuntu Lucid)
Assignee: Mathias Gug (mathiaz) = Thierry Carrez (ttx)
--
slapd package configuration aborts due to ordered_value_sort failed on attr
olcAccess error during Hardy - Lucid upgrade
https://bugs.launchpad.net/bugs/538516
You received this bug
** Changed in: openldap (Ubuntu Lucid)
Status: Confirmed = In Progress
--
slapd package configuration aborts due to ordered_value_sort failed on attr
olcAccess error during Hardy - Lucid upgrade
https://bugs.launchpad.net/bugs/538516
You received this bug notification because you are a
This bug was fixed in the package openldap - 2.4.21-0ubuntu3
---
openldap (2.4.21-0ubuntu3) lucid; urgency=low
* debian/slapd.postinst, debian/slapd.scripts-common: Upgrade databases
before trying to convert to slapd.d, to avoid upgrade failure from hardy
(LP: #536958)
*
As I commented earlier, I belive this is the same bug as in karmic,
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/450645.
Will this be fixed so you can dist upgrade an ldap from jaunty - karmic
- lucid ... or will this remain broken for karmic ?
Thanks,
Jay
--
slapd package
I will try to actually run a test of this scenario sometime in the next
few days, but at first glance it appears to me that simply adding {1}
to both the grep and the sed lines of the postinst script will fix
Hardy - Lucid upgrades, but will cause new problems for other upgrade
paths.
In
@Jay: once this is fixed, it can be backported for Karmic.
@Nathan: My understanding is that the olcAccess line added before would
make the package fail to start until it is manually fixed to include a
{1}. The idea here is to keep the package working on a hardy-lucid
upgrade, not to
Ah, never mind.
I was thinking that if the user upgraded from jaunty up to karmic and
then again to lucid, both copies of the oldAccess line would be added to
the file (i.e. one with no index, by the karmic upgrade, and one with
{1}, by the lucid upgrade) -- but I see now the postinst script
This bug was fixed in the package openldap - 2.4.21-0ubuntu3
---
openldap (2.4.21-0ubuntu3) lucid; urgency=low
* debian/slapd.postinst, debian/slapd.scripts-common: Upgrade databases
before trying to convert to slapd.d, to avoid upgrade failure from hardy
(LP: #536958)
*
As I commented earlier, I belive this is the same bug as in karmic,
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/450645.
Will this be fixed so you can dist upgrade an ldap from jaunty - karmic
- lucid ... or will this remain broken for karmic ?
Thanks,
Jay
--
slapd package
I will try to actually run a test of this scenario sometime in the next
few days, but at first glance it appears to me that simply adding {1}
to both the grep and the sed lines of the postinst script will fix
Hardy - Lucid upgrades, but will cause new problems for other upgrade
paths.
In
@Jay: once this is fixed, it can be backported for Karmic.
@Nathan: My understanding is that the olcAccess line added before would
make the package fail to start until it is manually fixed to include a
{1}. The idea here is to keep the package working on a hardy-lucid
upgrade, not to
Ah, never mind.
I was thinking that if the user upgraded from jaunty up to karmic and
then again to lucid, both copies of the oldAccess line would be added to
the file (i.e. one with no index, by the karmic upgrade, and one with
{1}, by the lucid upgrade) -- but I see now the postinst script
** Changed in: openldap (Ubuntu Lucid)
Assignee: Mathias Gug (mathiaz) = Thierry Carrez (ttx)
--
slapd package configuration aborts due to ordered_value_sort failed on attr
olcAccess error during Hardy - Lucid upgrade
https://bugs.launchpad.net/bugs/538516
You received this bug
** Changed in: openldap (Ubuntu Lucid)
Status: Confirmed = In Progress
--
slapd package configuration aborts due to ordered_value_sort failed on attr
olcAccess error during Hardy - Lucid upgrade
https://bugs.launchpad.net/bugs/538516
You received this bug notification because you are a
I think this is a repetition of
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/450645
Other bug has been assigned low importance - this is a major problem and has
been around since karmic.
Be good to see some resolution of the various ldap issues in ubuntu at
the minute.
--
slapd
I think this is a repetition of
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/450645
Other bug has been assigned low importance - this is a major problem and has
been around since karmic.
Be good to see some resolution of the various ldap issues in ubuntu at
the minute.
--
slapd
** Changed in: openldap (Ubuntu Lucid)
Assignee: (unassigned) = Mathias Gug (mathiaz)
--
slapd package configuration aborts due to ordered_value_sort failed on attr
olcAccess error during Hardy - Lucid upgrade
https://bugs.launchpad.net/bugs/538516
You received this bug notification
** Changed in: openldap (Ubuntu Lucid)
Assignee: (unassigned) = Mathias Gug (mathiaz)
--
slapd package configuration aborts due to ordered_value_sort failed on attr
olcAccess error during Hardy - Lucid upgrade
https://bugs.launchpad.net/bugs/538516
You received this bug notification
Thanks for the bug report, we'll try to get this fixed for lucid.
Regards
chuck
** Changed in: openldap (Ubuntu)
Importance: Undecided = High
** Changed in: openldap (Ubuntu)
Status: New = Confirmed
--
slapd package configuration aborts due to ordered_value_sort failed on attr
** Also affects: openldap (Ubuntu Lucid)
Importance: High
Status: Confirmed
** Changed in: openldap (Ubuntu Lucid)
Milestone: None = ubuntu-10.04-beta-2
--
slapd package configuration aborts due to ordered_value_sort failed on attr
olcAccess error during Hardy - Lucid upgrade
** Also affects: openldap (Ubuntu Lucid)
Importance: High
Status: Confirmed
** Changed in: openldap (Ubuntu Lucid)
Milestone: None = ubuntu-10.04-beta-2
--
slapd package configuration aborts due to ordered_value_sort failed on attr
olcAccess error during Hardy - Lucid upgrade
Thanks for the bug report, we'll try to get this fixed for lucid.
Regards
chuck
** Changed in: openldap (Ubuntu)
Importance: Undecided = High
** Changed in: openldap (Ubuntu)
Status: New = Confirmed
--
slapd package configuration aborts due to ordered_value_sort failed on attr
I found that running slaptest -F /etc/ldap/slapd.d generated that same
error message.
To investigate further, I used the command line
slaptest -F /etc/ldap/slapd.d -d 1 21 | grep \.ldif
to track down the full path of the file that contained the offending line,
which turned out to be
I did some additional testing and believe that all Hardy - Lucid
upgrades will hit this bug.
Specifically, I installed the slapd package on Hardy box, one that had
never had any openldap packages installed. I let the package
installation script create the default slapd.conf file there, and then
A few other notes:
Bug #526230 On upgrade modifies multiple olcAccess definition are not
handled correclty is definitely related to this one. However, #526230
deals with a Jaunty-Karmic upgrade, and specifically mentions that the
pre-upgrade configuration had multiple oldAccess lines (so
I found that running slaptest -F /etc/ldap/slapd.d generated that same
error message.
To investigate further, I used the command line
slaptest -F /etc/ldap/slapd.d -d 1 21 | grep \.ldif
to track down the full path of the file that contained the offending line,
which turned out to be
I did some additional testing and believe that all Hardy - Lucid
upgrades will hit this bug.
Specifically, I installed the slapd package on Hardy box, one that had
never had any openldap packages installed. I let the package
installation script create the default slapd.conf file there, and then
A few other notes:
Bug #526230 On upgrade modifies multiple olcAccess definition are not
handled correclty is definitely related to this one. However, #526230
deals with a Jaunty-Karmic upgrade, and specifically mentions that the
pre-upgrade configuration had multiple oldAccess lines (so
34 matches
Mail list logo
