← Back to team overview

touch-packages team mailing list archive

[Bug 667597] Re: conf.d directory not a configuration directory

 

** Changed in: openldap (Debian)
       Status: Unknown => New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/667597

Title:
  conf.d directory not a configuration directory

Status in openldap package in Ubuntu:
  In Progress
Status in openldap package in Debian:
  New

Bug description:
  # cat /etc/issue
  Ubuntu 10.04.1 LTS \n \l

  # apt-cache policy slapd
  slapd:
    Installed: 2.4.21-0ubuntu5.3
    Candidate: 2.4.21-0ubuntu5.3
    Version table:
   *** 2.4.21-0ubuntu5.3 0
          500 ftp://10.1.4.17/ubuntu/ lucid-updates/main Packages
          100 /var/lib/dpkg/status
       2.4.21-0ubuntu5.2 0
          500 ftp://10.1.4.17/ubuntu/ lucid-security/main Packages
       2.4.21-0ubuntu5 0
          500 ftp://10.1.4.17/ubuntu/ lucid/main Packages


  PROBLEM DESCRIPTION:

  The slapd package deploys the cn=config directory
  /etc/ldap/slapd.d/cn=config

  Howard Chu, Chief Architect of the OpenLDAP project has publicly
  stated that the slapd.d directory is a configuration DATABASE and is
  not user-editable[1].

  The placement of this configuration database under /etc/ violates the
  Debian Filesystem Hierarchy Standard v2.3 [2] to which Ubuntu also
  adheres [3].

  This is confusing for administrators migrating to the new cn=config
  and can lead them to editing the database directly, which is not
  documented nor intended.

  
  SUGGESTED FIX:
      * Ensure that slapd creates the configuration database somewhere under /var/lib
      * Ensure that the slapd package's postinst does not modify the configuration database directly
      * Ensure that the /etc/default/slapd file sets the SLAPD_CONF variable to the new location of the configuration database

  
  NOTES:

  This may need to be reported to the upstream Debian maintainers,
  however it is my understanding that lenny still uses slapd.conf (and I
  have not had time to test an unstable/testing box or inspect the
  source package, yet).

  
  [1] http://www.openldap.org/lists/openldap-technical/201009/msg00023.html
  [2] http://www.debian.org/doc/packaging-manuals/fhs/fhs-2.3.html
  [3] http://people.canonical.com/~cjwatson/ubuntu-policy/policy.html/ch-opersys.html#s-fhs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/667597/+subscriptions