I also have come upon this bug (or one just like it) in the Etch release. This is a brand new install (debootstraped), so there is no legacy baggage being pulled along for the ride. It prevents syncrepl from working over ldaps when running as the user openldap. Also, ldapsearch using ldaps as any unprivileged user fails.
I have found a different "workaround". /dev/urandom (and possibly /dev/random) needs to be accessible by the user. The default permissions appear to be 660. Changing them to 666 or changing the group to openldap would fix the issue. -Jeremy -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
