Public bug reported:
When upgrading from hardy to lucid, the following permissions are set on
the frontend :
# {-1}frontend, config
dn: olcDatabase={-1}frontend,cn=config
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
,cn=auth manage by * break
instead of:
dn: olcDatabase={-1}frontend,cn=config
olcAccess: {0}to * by
dn.exact="dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external" manage by *
break
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to dn.base="cn=subschema" by * read
The result of this is that the rootDse cannot be loaded by the anon user
(testable using ldapsearch -x -b "" -s base "+"), which prevents SASL binds
with Unix user from working (ldapsearch -U user ....)
** Affects: openldap (Ubuntu)
Importance: Undecided
Status: New
--
Upgrade from hardy (8.04) to lucid (10.04) sets bad permissions on
olcDatabase={-1}frontend,cn=config
https://bugs.launchpad.net/bugs/675052
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
