Hi Arjan, On Tue, Apr 05, 2005 at 05:27:06PM +0200, Arjan Oosting wrote: > I upgraded my slapd installation a couple days ago to the latest version in > unstable, but the upgrade script failed. The upgrade script rewrote my > slapd.conf config file and changed the access specifications. Then i dumped > my > database to /var/backup/slapd-VERSION. After that it tried to load the > database
Erm, it should use /var/backups/slapd-2.1.30-3 under the assumption that
you were upgrading from the last version in sid. Is it in fact using
slapd-VERSION as the directory name unchanged?
> again, but it failed because the slapd.conf file got corrupted. It seems
> that the upgrade-script creates lines like:
>
> access to attrs=userPassword by dn.regex="cn=admin,dc=arriesoft,dc=nl" write
> by anonymous auth by self write by * none # NT Password
That's right. It's way to hard to collect continued lines into a single
line for parsing them and converting it back before writing so I did not
try to achieve this at this time. Of course the comment should not be
merged to the line. Also the maintainer scripts do not yet backup
slapd.conf which is on the TODO for the next version.
> That is everything on one line with to comment on the next line appended,
> which
> slapcat doesn't seem to understand. After changing the layout back to the
Hmm. I wonder how that can happen. The merge_logical_lines shell
function is used to merge any lines which start with a space to the
preceding line. Can you try to reproduce this and give me the relevant
section of the config file?
> original layout (see below), I did a dpkg --configure --pending, but this
> failed
> because the maintainer script isn't idempotent and tried to dump the database
> again to /var/backup/slapd-VERSION, but couldn't do that because there was
This is not true. In fact the dump is only done before unpacking the new
package. But currently it may try to replace the backup copy of the
database directory with the new (empty) database. I still have to check
that code path.
> already a database present there from the first try to upgrade slapd.
>
access to attrs=userPassword
by dn.regex="cn=admin,dc=arriesoft,dc=nl" write
by anonymous auth
by self write
by * none
# NT Password
Is this the exact indentation? This works just fine here...
> p.s. It seems that slapd is now linked with openssl in stead of gnutls? Are
> the
> GPL problems with linking to openssl solved? Linking with openssl broke my
> samba
No, they are not. The problem is linking applications to OpenSSL via
libldap which are not compatible with the OpenSSL license. Therefore we
build only the server and runtime library at this time and allow no
client applications to link those OpenSSL libraries.
> installation (samba linked with gnutls, user accounts in ldap) though :( ,
> but
> I will investigate that further and send another bugreport.
I don't think the breakage in your Samba installation is related. Samba
is using the libldap2 libraries which should still be from 2.1.x on any
Debian system. So nothing has changed on that front. Not sure if that is
a good thing... :(
Greetings
Torsten
signature.asc
Description: Digital signature
