Public bug reported:
Binary package hint: slapd
/var/lib/ldap is owner "openldap", group "openldap". I give it
permission 770 so that members of the "openldap" group can run slapcat.
I run a daily cron job to backup the LDAP directory using slapcat.
Currently the job is in an "administrator" user's crontab. I prefer not
to run the backup script as root. I suppose I could somehow run it as
the "openldap" user? However I have so far made "administrator" a member
of the "openldap" group, to have permission to run slapcat.
I added a dpkg-statoverride to give /var/lib/ldap permission 770:
administra...@amos:~$ dpkg-statoverride --list /var/lib/ldap
openldap openldap 770 /var/lib/ldap
administra...@amos:~$
- however whenever I upgrade the slapd package, the permission on
/var/lib/ldap is reset to 750. I think this line (chmod) in
slapd.postinst is responsible:
[...]
update_permissions() { # {{{
dir="$1"
[ -z "${SLAPD_USER}" ] || chown -R "${SLAPD_USER}" "${dir}"
[ -z "${SLAPD_GROUP}" ] || chgrp -R "${SLAPD_GROUP}" "${dir}"
chmod -R u=rwX,g=rX,o-rwx "${dir}"
}
# }}}
[...]
** Affects: openldap (Ubuntu)
Importance: Undecided
Status: New
--
postinst ignores dpkg-statoverride
https://bugs.launchpad.net/bugs/343762
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
