Bug 470393

Summary: configuration of nsslapd-timelimit -1 is rejected
Product: Red Hat Directory Server Reporter: Ulf Weltman <ulf.weltman>
Component: Directory ServerAssignee: Nathan Kinder <nkinder>
Status: CLOSED CURRENTRELEASE QA Contact: Chandrasekar Kannan <ckannan>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: benl, jgalipea, nkinder, rmeggins
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: 8.1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-04-29 23:07:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 249650, 467277, 493682    
Description Flags
trivial fix proposal none

Description Ulf Weltman 2008-11-06 23:11:32 UTC
The fix for bug 181032 is causing nsslapd-timelimit of -1 to be disallowed.  In 7.1 and according to RHDS 8.0 manual, -1 means infinite time limit.  7.1 had some code that indicated someone might have thought <0 was illegal, but that code didn't do anything.  In 8.0 the code returns operations error.

Comment 1 Ulf Weltman 2008-11-06 23:13:17 UTC
Created attachment 322795 [details]
trivial fix proposal

Comment 2 Nathan Kinder 2008-11-13 21:56:54 UTC
The fix in comment#1 looks good, and is consistent with the behavior outlines in the documentation.

Checked fix into ldapserver (HEAD).

Checking in ldap/servers/slapd/libglobs.c;
/cvs/dirsec/ldapserver/ldap/servers/slapd/libglobs.c,v  <--  libglobs.c
new revision: 1.30; previous revision: 1.29

Comment 3 Jenny Severance 2009-04-01 19:50:19 UTC
fix verified RHEL 4 

[root@jennyv4 jenny]# ldapsearch -x -h `hostname` -p 389 -D "cn=Directory Manager" -w Secret123 -b "cn=config" | grep nsslapd-timelimit
nsslapd-timelimit: 3600
nsslapd-timelimit: 3600

1. stop server
2. edit dse.ldif nsslapd-timelimit: -1
3. start server - no errors

[root@jennyv4 jenny]# ldapsearch -x -h `hostname` -p 389 -D "cn=Directory Manager" -w Secret123 -b "cn=config" | grep nsslapd-timelimit
nsslapd-timelimit: -1
nsslapd-timelimit: 3600 

second attributes belong to container:
dn: cn=default instance config,cn=chaining database,cn=plugins,cn=config

Comment 4 Chandrasekar Kannan 2009-04-29 23:07:36 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.