Bug 612602

Summary: openldap-servers doesn't install /etc/openldap/slapd.conf
Product: [Fedora] Fedora Reporter: Jaroslav Škarvada <jskarvad>
Component: openldapAssignee: Jan Vcelak <jvcelak>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 13CC: jskarvad, jvcelak, jzeleny, rmeggins, series8217, tsmetana
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: openldap-2.4.21-10.fc13 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-10-29 09:19:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Jaroslav Škarvada 2010-07-08 15:30:16 UTC
Description of problem:
After installation of openldap-servers there is /etc/openldap/slapd.conf.bak but no /etc/openldap/slapd.conf. If I understand the used logic correctly - it should backup old customized config to .bak and install new config. If that view is correct, then the appropriate code should be moved from %post servers to %pre servers, because now the conditional check for upgrade always triggers and kills the installed slapd.conf.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Install openldap-servers.
Actual results:
There is /etc/openldap/slapd.conf.bak but no /etc/openldap/slapd.conf.

Expected results:
There should be /etc/openldap/slapd.conf and /etc/openldap/slapd.conf.bak only if upgrading with customized config.

Comment 1 Jan Vcelak 2010-07-08 16:22:41 UTC

This is an expected behavior. Configuration file /etc/openldap/slapd.conf is deprecated. The %post scriptlet backups your old slapd.conf (if present) and creates new configuration in /etc/openldap/slapd.d/. No slapd.conf is being installed. 

However, slapd.conf.bac is really created even if the configuration was already migrated to new format. This will be fixed.


Comment 2 Jan Zeleny 2010-07-09 06:17:13 UTC
(In reply to comment #1)
> However, slapd.conf.bac is really created even if the configuration was already
> migrated to new format. This will be fixed.

the file is kept for a purpose. This change has been introduced in F12 and as this bug shows, there are still some people unaware of it. That's why I wanted to keep the file, so user configuration can be preserved in a format user knows. Another reason is that the file can be used to fall back to the old config style, which is not supported, but it is still working.

Maybe the correct thing to do here is to add a comment as the first line of slapd.conf.bak explaining why it is no longer used and why does it still exist.

What do you think?

Comment 3 Jaroslav Škarvada 2010-07-09 06:58:11 UTC
OK, now there is slapd.conf shipped in binary rpm and all the "hacking" is made in post phase, so probably this could be improved and the slapd.conf not shipped in binary rpm.

Comment 4 Jaroslav Škarvada 2010-07-10 09:56:04 UTC
Also please note that it is a bit confusing to have slapd.d and also slapd.conf.bak after clean install. Wouldn't be better to install the old config to /usr/share/doc/openldap-servers* as slapd.conf.old or slapd.conf.deprecated or similar?

Comment 5 Jan Vcelak 2010-07-20 17:29:18 UTC
In the next build, default old style configuration file will be available in /usr/share/openldap-servers as slapd.conf.obsolete.

Backup file /etc/openldap/slapd.conf.bak will be created only if your configuration was migrated from old to new style (during package upgrade).

Comment 6 Fedora Update System 2010-07-20 17:34:51 UTC
openldap-2.4.21-10.fc13 has been submitted as an update for Fedora 13.

Comment 7 Jan Vcelak 2010-07-20 17:48:05 UTC
openldap-2.4.22-6.fc14 in Rawhide

Comment 8 Fedora Update System 2010-08-23 22:04:39 UTC
openldap-2.4.21-10.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Admin XMLRPC Client 2010-09-15 07:52:14 UTC
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Comment 10 Steven Snyder 2010-10-05 23:29:05 UTC
The /etc/openldap/slapd.conf situation is confusing to me.

Right now the openldap-servers RPM doesn't install an slapd.conf anywhere except /usr/share/openldap-servers/slapd.conf.obsolete. Based on the comments above this seems to be the desired behavior.

However, Section 14.6 of the Fedora 13 Deployment Guide (http://docs.fedoraproject.org/en-US/Fedora/13/html/Deployment_Guide/s1-ldap-quickstart.html#s2-ldap-files-slapd-conf) explains only how to set up OpenLDAP using slapd.conf. It doesn't mention that the file is deprecated, nor doesn't say anything about /etc/openldap/slapd.d/.

Also there is no note in /etc/openldap/ directing where to go now that /etc/openldap/slapd.conf is gone. I can't find anything in the man pages either.

Comment 11 Jan Vcelak 2010-10-06 08:14:34 UTC
It seems the documentation is outdated. Please, file a bug against "Fedora Documentation" component.

There is probably no information about configuration format change in manual pages. It can be found in official documentation [1]. And if you are looking for manual pages for new configuration file, try "man slapd-config".

[1] http://www.openldap.org/doc/admin24/slapdconf2.html

Comment 12 Steven Snyder 2010-10-07 22:47:13 UTC
Thanks Jan, I filed a bug against the Fedora Docs (Bug 640706).