Bug 162691
| Summary: | LDAP init script starts daemon with invalid syntax, outputs parse error in debug mode | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 4 | Reporter: | Eli Stair <eli.stair> |
| Component: | openldap | Assignee: | Jan Safranek <jsafrane> |
| Status: | CLOSED WORKSFORME | QA Contact: | Jay Turner <jturner> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4.0 | CC: | srevivo |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2007-06-04 08:56:40 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
It seems to me that the single quote is there intentionally - the daemon() function removes it (at least in RHEL-4.5) and slapd is called with -u "ldap:/// ldaps:///". |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4 Description of problem: The default init script (/etc/rc.d/init.d/ldap) performs a check of the config file (/etc/openldap/slapd.conf) to check for whether to run over an SSL port by grepping for /^TLS/. If TLS options are _not_ set, the daemon is started with: -u ldap -h "ldap:///" And results in a proper startup: <snip> daemon_init: listen on ldap:/// daemon_init: 1 listeners to open... ldap_url_parse_ext(ldap:///) daemon: initialized ldap:/// daemon_init: 2 listeners opened slapd init: initiated server. slap_sasl_init: initialized! </snip> If TLS options are set, the daemon is started with: -u ldap -h '"ldap:/// ldaps:///"' And results in: <snip> daemon_init: listen on "ldap:/// daemon_init: listen on ldaps:///" daemon_init: 2 listeners to open... ldap_url_parse_ext("ldap:///) daemon: listen URL ""ldap:///" parse error=3 slapd stopped. connections_destroy: nothing to destroy. </snip> When removing the single quotes from the URL spec results in a proper startup: <snip> daemon_init: listen on ldap:/// daemon_init: listen on ldaps:/// daemon_init: 2 listeners to open... ldap_url_parse_ext(ldap:///) daemon: initialized ldap:/// ldap_url_parse_ext(ldaps:///) daemon: initialized ldaps:/// daemon_init: 4 listeners opened slapd init: initiated server. slap_sasl_init: initialized! </snip> Version-Release number of selected component (if applicable): openldap-servers-2.2.13-2 How reproducible: Always Steps to Reproduce: 1. Install openldap server RPM. 2. Create certs and specify with TLS* lines. 3. Watch it burn. Actual Results: Doesn't start the slapd daemon. Expected Results: Should start the slapd daemon. Additional info: This reminds me of the previous init script for EL3 bind9 initscript that didn't work with chroot... simple fix also.