Steve Langasek wrote:
Hi Jamie, So this is the behavior we would expect for a directory containing DNs that aren't below the indicated suffix. I don't see that there's anything we could do to automatically fix up such directories that I would consider safe.
...but I can't access said entries to delete them, as they aren't accessible via any means I'm aware of. If you can suggest some way of removing them, I'd be very grateful.
Rather, in this case I think it's as robust as is possible given that your directory contents are such that openldap 2.4 will refuse to work with them. It's my opinion that the current behavior is not a bug, and that letting the admin fix up the results manually is the right thing to do.
I can see your point of view, but when I ran the upgrade it didn't roll back, as the package installed, but the re-import didn't succeed, leaving me without a functional directory, which effectively brought down all my services that were dependant on it. I didn't cotton on to the fact it was the two bad entries until after I had restored manually from the bdb backup. The error message I provided was from my subsequent attempt to update.
signature.asc
Description: OpenPGP digital signature
