touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #98819
[Bug 1489071] Re: slapd expose server filestructure when issue lpadsearch with special query
how to drop ?
** Also affects: openldap (Ubuntu)
Importance: Undecided
Status: New
** Changed in: developer-portal
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1489071
Title:
slapd expose server filestructure when issue lpadsearch with special
query
Status in Developer registration portal:
Invalid
Status in openldap package in Ubuntu:
New
Bug description:
In my server I've made :
ldapsearch -x -b cn=ttestaaja,dc=myserver,dc=net *
That will be show
all files and folders in my /var/log/-folder
# filter: (objectclass=*)
# requesting: alternatives.log alternatives.log.1 alternatives.log.2.gz alternatives.log.3.gz apache2 apt auth.log auth.log.1 auth.log.2.gz auth.log.3.gz auth.log.4.gz bootstrap.log btmp btmp.1 dist-upgrade dmesg dpkg.log dpkg.log.1 dpkg.log.2.gz dpkg.log.3.gz dyfi-update.log faillog fsck installer kern.log kern.log.1 kern.log.2.gz kern.log.3.gz kern.log.4.gz landscape lastlog mail.log mail.log.1 mail.log.2.gz mail.log.3.gz mail.log.4.gz mysql openldap.log php5-fpm.log php5-fpm.log.1 php5-fpm.log.10.gz php5-fpm.log.2.gz php5-fpm.log.3.gz php5-fpm.log.4.gz php5-fpm.log.5.gz php5-fpm.log.6.gz php5-fpm.log.7.gz php5-fpm.log.8.gz php5-fpm.log.9.gz redis syslog syslog.1 syslog.2.gz syslog.3.gz syslog.4.gz syslog.5.gz syslog.6.gz syslog.7.gz ufw.log ufw.log.1 ufw.log.2.gz ufw.log.3.gz ufw.log.4.gz unattended-upgrades wtmp wtmp.1
#
# search result
search: 2
result: 32 No such object
matchedDN: dc=myserver,dc=net
# numResponses: 1
and
ldapsearch -x -b cn=ttestaaja,dc=myserver,dc=net /etc/*
# extended LDIF
#
# LDAPv3
# base <cn=ttestaaja,dc=myserver,dc=net> with scope subtree
# filter: (objectclass=*)
# requesting: /etc/acpi /etc/adduser.conf /etc/aliases /etc/aliases.db /etc/alternatives /etc/apache2 /etc/apm /etc/apparmor /etc/apparmor.d /etc/apport /etc/apt /etc/at.deny /etc/bash.bashrc /etc/bash_completion /etc/bash_completion.d /etc/bind /etc/bindresvport.blacklist /etc/binfmt.d /etc/byobu /etc/ca-certificates /etc/ca-certificates.conf /etc/calendar /etc/chatscripts /etc/checkinstallrc /etc/console-setup /etc/cron.d /etc/cron.daily /etc/cron.hourly /etc/cron.monthly /etc/crontab /etc/cron.weekly /etc/dbus-1 /etc/debconf.conf /etc/debian_version /etc/default /etc/deluser.conf /etc/depmod.d /etc/dhcp /etc/dpkg /etc/emacs /etc/environment /etc/fonts /etc/fstab /etc/fuse.conf /etc/gai.conf /etc/groff /etc/group /etc/group- /etc/grub.d /etc/gshadow /etc/gshadow- /etc/gss /etc/hdparm.conf /etc/host.conf /etc/hostname /etc/hosts /etc/hosts.allow /etc/hosts.deny /etc/ifplugd /etc/init /etc/init.d /etc/initramfs-tools /etc/inputrc /etc/insserv /etc/insserv.conf /etc/insserv.conf.d /etc/iproute2 /etc/irssi.conf /etc/iscsi /etc/issue /etc/issue.net /etc/kbd /etc/kernel /etc/kernel-img.conf /etc/landscape /etc/ldap /etc/ldapscripts /etc/ld.so.cache /etc/ld.so.conf /etc/ld.so.conf.d /etc/legal /etc/libaudit.conf /etc/libnl-3 /etc/locale.alias /etc/localtime /etc/logcheck /etc/login.defs /etc/logrotate.conf /etc/logrotate.d /etc/lsb-release /etc/ltrace.conf /etc/lvm /etc/machine-id /etc/magic /etc/magic.mime /etc/mailcap /etc/mailcap.order /etc/manpath.config /etc/mime.types /etc/mke2fs.conf /etc/modprobe.d /etc/modules /etc/modules-load.d /etc/mtab /etc/mysql /etc/nanorc /etc/network /etc/networks /etc/newt /etc/nsswitch.conf /etc/opt /etc/os-release /etc/pam.conf /etc/pam.d /etc/passwd /etc/passwd- /etc/perl /etc/php5 /etc/phpldapadmin /etc/pm /etc/polkit-1 /etc/popularity-contest.conf /etc/postfix /etc/ppp /etc/profile /etc/profile.d /etc/protocols /etc/python /etc/python2.7 /etc/python3 /etc/python3.4 /etc/rc0.d /etc/rc1.d /etc/rc2.d /etc/rc3.d /etc/rc4.d /etc/rc5.d /etc/rc6.d /etc/rc.local /etc/rcS.d /etc/redis /etc/resolvconf /etc/resolv.conf /etc/rmt /etc/rpc /etc/rsyslog.conf /etc/rsyslog.d /etc/screenrc /etc/securetty /etc/security /etc/selinux /etc/services /etc/sgml /etc/shadow /etc/shadow- /etc/shells /etc/skel /etc/ssh /etc/ssl /etc/subgid /etc/subgid- /etc/subuid /etc/subuid- /etc/sudoers /etc/sudoers.d /etc/sysctl.conf /etc/sysctl.d /etc/systemd /etc/terminfo /etc/timezone /etc/tmpfiles.d /etc/ucf.conf /etc/udev /etc/ufw /etc/updatedb.conf /etc/update-manager /etc/update-motd.d /etc/update-notifier /etc/vim /etc/vtrgb /etc/w3m /etc/wgetrc /etc/wpa_supplicant /etc/X11 /etc/xdg /etc/xml /etc/zsh_command_not_found
#
Same with also with i.e /home folder
lsb_release -ar
Distributor ID: Ubuntu
Description: Ubuntu 15.04
Release: 15.04
Codename: vivid
slapd:
Asennettu: 2.4.31-1+nmu2ubuntu12.2
Ehdokas: 2.4.31-1+nmu2ubuntu12.2
Versiotaulukko:
*** 2.4.31-1+nmu2ubuntu12.2 0
500 http://fi.archive.ubuntu.com/ubuntu/ vivid-updates/main amd64 Packages
100 /var/lib/dpkg/status
2.4.31-1+nmu2ubuntu12.1 0
500 http://security.ubuntu.com/ubuntu/ vivid-security/main amd64 Packages
2.4.31-1+nmu2ubuntu12 0
500 http://fi.archive.ubuntu.com/ubuntu/ vivid/main amd64 Packages
cn=config.ldif
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 0eab57ef
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcPidFile: /var/run/slapd/slapd.pid
olcToolThreads: 1
structuralObjectClass: olcGlobal
entryUUID: e6e7de04-d8b4-1034-9a95-0daa9c472449
creatorsName: cn=config
createTimestamp: 20150816225014Z
olcLogLevel: stats
olcLogFile: "/var/log/openldap.log"
entryCSN: 20150826154756.862459Z#000000#000#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20150826154756Z
To manage notifications about this bug go to:
https://bugs.launchpad.net/developer-portal/+bug/1489071/+subscriptions