touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #86365
[Bug 667597] Re: conf.d directory not a configuration directory
** Changed in: openldap (Debian)
Status: Unknown => New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/667597
Title:
conf.d directory not a configuration directory
Status in openldap package in Ubuntu:
In Progress
Status in openldap package in Debian:
New
Bug description:
# cat /etc/issue
Ubuntu 10.04.1 LTS \n \l
# apt-cache policy slapd
slapd:
Installed: 2.4.21-0ubuntu5.3
Candidate: 2.4.21-0ubuntu5.3
Version table:
*** 2.4.21-0ubuntu5.3 0
500 ftp://10.1.4.17/ubuntu/ lucid-updates/main Packages
100 /var/lib/dpkg/status
2.4.21-0ubuntu5.2 0
500 ftp://10.1.4.17/ubuntu/ lucid-security/main Packages
2.4.21-0ubuntu5 0
500 ftp://10.1.4.17/ubuntu/ lucid/main Packages
PROBLEM DESCRIPTION:
The slapd package deploys the cn=config directory
/etc/ldap/slapd.d/cn=config
Howard Chu, Chief Architect of the OpenLDAP project has publicly
stated that the slapd.d directory is a configuration DATABASE and is
not user-editable[1].
The placement of this configuration database under /etc/ violates the
Debian Filesystem Hierarchy Standard v2.3 [2] to which Ubuntu also
adheres [3].
This is confusing for administrators migrating to the new cn=config
and can lead them to editing the database directly, which is not
documented nor intended.
SUGGESTED FIX:
* Ensure that slapd creates the configuration database somewhere under /var/lib
* Ensure that the slapd package's postinst does not modify the configuration database directly
* Ensure that the /etc/default/slapd file sets the SLAPD_CONF variable to the new location of the configuration database
NOTES:
This may need to be reported to the upstream Debian maintainers,
however it is my understanding that lenny still uses slapd.conf (and I
have not had time to test an unstable/testing box or inspect the
source package, yet).
[1] http://www.openldap.org/lists/openldap-technical/201009/msg00023.html
[2] http://www.debian.org/doc/packaging-manuals/fhs/fhs-2.3.html
[3] http://people.canonical.com/~cjwatson/ubuntu-policy/policy.html/ch-opersys.html#s-fhs
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/667597/+subscriptions