touch-packages team mailing list archive

[Ryan Tandy <1452087@xxxxxxxxxxxxxxxxxx>]

IIRC slapd does try to create the directory, but it's already switched
users by that point, so doesn't have sufficient privileges.

http://bazaar.launchpad.net/~ubuntu-
branches/ubuntu/vivid/openldap/vivid/view/head:/contrib/slapd-
modules/nssov/nssov.c#L808

I don't know whether the overlay has a way to run code before switching
permissions. Might be worth filing an ITS about, as this really should
work. Otherwise, the init script is probably the most reasonable place
to do it; but only if nssov is actually being used.

(apparmor may also be involved as pmatulis suggests. I didn't check.)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1452087

Title:
  slapd [or its init script] does not create necessary directory for
  nssov socket and fails to start

Status in openldap package in Ubuntu:
  New

Bug description:
  when used with the nss overlay, slapd fails to start, because
  /var/run/nslcd/ does not exist, and slap cannot then create the socket
  for this.  additionally, creating the directory manually does not
  help, because it disappears after every reboot.

  1] >lsb_release -rd
  Description:	Ubuntu 15.04
  Release:	15.04

  2] >apt-cache policy slapd
  slapd:
    Installed: 2.4.31-1+nmu2ubuntu12
    Candidate: 2.4.31-1+nmu2ubuntu12
    Version table:
   *** 2.4.31-1+nmu2ubuntu12 0
          500 http://us.archive.ubuntu.com/ubuntu/ vivid/main amd64 Packages
          100 /var/lib/dpkg/status

  3] i expected the necessary directory to be created when starting slapd if the nss overlay is in use
  4] it was not

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1452087/+subscriptions