Bug 141606 - OpenLDAP replication fails by wrong directory owner
Summary: OpenLDAP replication fails by wrong directory owner
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: openldap
Version: 3.0
Hardware: i386
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Jan Safranek
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2004-12-02 14:22 UTC by NN
Modified: 2008-08-02 23:40 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-10-19 19:12:23 UTC
Target Upstream Version:
Embargoed:


Description NN 2004-12-02 14:22:17 UTC
Description of problem:
LDAP replication can NOT work in the latest release. The reason is a 
misplaced owner/group setting of the automatically created 
directory '/var/lib/ldap/replica', which is owned by 'root' instead of 
user 'ldap'. LDAP will write logging there by default but cannot!

Version-Release number of selected component (if applicable):
openldap-2.1.29-1

How reproducible:
Changing owner: it works! Deleting directory: new dir is made with 
wrong owner root and it doesn't work anymore.

Steps to Reproduce:
1. rmdir /var/lib/ldap/replica
2. /etc/init.d/openldap restart => NO REPLICATION!!!
3. chown ldap:ldap /var/lib/ldap/replica => WORKS!
  
Actual results:


Expected results:


Additional info:

Comment 1 Mohamed Eldesoky 2004-12-15 15:33:26 UTC
Confirmed on RHEL3 Update 3

Now the question: what are the correct permissions for the files
inside that directory?

Comment 2 NN 2004-12-15 15:58:28 UTC
The correct permission should already be set. Only the OpenLDAP 
user should have access to this directory as far as I can see!
=> So it is 700!

Update to No. 3:
3.a) chmod 700 /var/lib/ldap/replica
3.b) chown ldap:ldap /var/lib/ldap/replica => WORKS!
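
The check from Comment 2, as an added example that is not part of the original bug report or of the openldap package: a shell function that compares a directory's owner and mode with the values given above (ldap:ldap, 700) and repairs them only when asked. The function name `audit_dir`, its return codes and the `--fix` argument are assumptions of this example; it relies on GNU `stat`.

```shell
#!/bin/sh
# Added example: audit (and optionally repair) the slapd replica directory.
# Expected values come from the bug report: owner ldap:ldap, mode 700.
# Requires GNU stat (coreutils).

# audit_dir DIR OWNER:GROUP MODE [--fix]   (hypothetical helper)
# returns 0 = compliant or repaired, 1 = drift found, 2 = not a real directory
audit_dir() {
    dir=$1 want_owner=$2 want_mode=$3 fix=${4:-}

    # Refuse symlinks: a chown/chmod run as root must not be redirected elsewhere.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "MISSING: $dir is not a real directory"
        return 2
    fi

    have_owner=$(stat -c '%U:%G' "$dir")
    have_mode=$(stat -c '%a' "$dir")
    drift=0
    if [ "$have_owner" != "$want_owner" ]; then
        echo "DRIFT: $dir owner is $have_owner, expected $want_owner"
        drift=1
    fi
    if [ "$have_mode" != "$want_mode" ]; then
        echo "DRIFT: $dir mode is $have_mode, expected $want_mode"
        drift=1
    fi
    [ "$drift" -eq 0 ] && { echo "OK: $dir"; return 0; }

    # Repair only on explicit request, so a routine run stays read-only.
    if [ "$fix" = "--fix" ]; then
        chown "$want_owner" "$dir" && chmod "$want_mode" "$dir" || return 1
        echo "FIXED: $dir set to $want_owner mode $want_mode"
        return 0
    fi
    return 1
}

# Run the audit only when called with arguments, e.g.:
#   sh audit_replica.sh /var/lib/ldap/replica ldap:ldap 700 --fix
if [ "$#" -gt 0 ]; then
    audit_dir "$@"
fi
```

Run after each restart of the service, this catches the case from the report where the directory is recreated with owner root.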

Comment 3 Matthew Miller 2005-04-26 16:11:37 UTC
Fedora Core 2 is now maintained by the Fedora Legacy project for
security updates only. If this problem is a security issue, please
reopen and reassign to the Fedora Legacy product. If it is not a
security issue and hasn't been resolved in the current FC3 updates or
in the FC4 test release, reopen and change the version to match.

Comment 4 John Thacker 2006-10-28 17:01:14 UTC
Switching to RHEL 3 Update 3, since FC2 is no longer supported.

Comment 5 RHEL Program Management 2007-10-19 19:12:23 UTC
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet those criteria, it is now being closed.
 
For more information on the RHEL errata support policy, please visit:
http://www.redhat.com/security/updates/errata/
 
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.

