[SRU]slapd needs apparmor changes for cn=config
Bug #243525 reported by
Jeff Strunk
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openldap2.3 (Ubuntu) |
Fix Released
|
Medium
|
Jamie Strandboge | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned | ||
Intrepid |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Binary package hint: slapd
/usr/bin/slapd needs write access to /etc/ldap/slap.d if one is going to use the in tree configuration mechanism effectively.
The following line needs to be added to /etc/apparmor.
/etc/
It can go after the line:
/etc/
I found this bug on a Hardy server with slapd 2.4.9-0ubuntu0.8.04 which is made with the openldap2.3 source package. The solution was at http://
The consequence of not doing this is that any changes made to the cn=config tree are not saved in /etc/ldap/slapd.d . This defeats the purpose of this new feature.
Changed in openldap2.3: | |
assignee: | nobody → jdstrand |
Changed in openldap2.3: | |
status: | Triaged → In Progress |
Changed in openldap2.3: | |
importance: | Undecided → Medium |
status: | New → Fix Released |
To post a comment you must log in.
On Fri, Jun 27, 2008 at 02:11:53PM -0000, Jeff Strunk wrote: d/usr.sbin. slapd : slapd.conf r, ubuntuforums. org/showthread. php?t=808097
> Public bug reported:
>
> Binary package hint: slapd
>
> /usr/bin/slapd needs write access to /etc/ldap/slap.d if one is going to
> use the in tree configuration mechanism effectively.
>
> The following line needs to be added to /etc/apparmor.
> /etc/ldap/slapd.d/* rw,
>
> It can go after the line:
> /etc/ldap/
>
> I found this bug on a Hardy server with slapd 2.4.9-0ubuntu0.8.04 which
> is made with the openldap2.3 source package. The solution was at
> http://
>
> The consequence of not doing this is that any changes made to the
> cn=config tree are not saved in /etc/ldap/slapd.d . This defeats the
> purpose of this new feature.
status triaged
importance medium
-- www.ubuntu. com
Mathias Gug
Ubuntu Developer http://