Bug 141606 - OpenLDAP replication fails by wrong directory owner
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: openldap
i386 Linux
medium Severity medium
Assigned To: Jan Safranek
Reported: 2004-12-02 09:22 EST by NN
Modified: 2008-08-02 19:40 EDT
Doc Type: Bug Fix
Last Closed: 2007-10-19 15:12:23 EDT
Description NN 2004-12-02 09:22:17 EST
Description of problem:
LDAP replication can NOT work in the latest release. Reason is a 
misplaced owner/group setting of the automatically created 
directory '/var/lib/ldap/replica' that is owned by 'root' instead of 
user 'ldap'. LDAP will write logging there by default but cannot!

Version-Release number of selected component (if applicable):

How reproducible:
Changing owner: it works! Deleting directory: new dir is made with 
wrong owner root and it doesn't work anymore.

Steps to Reproduce:
1. rmdir /var/lib/ldap/replica
2. /etc/init.d/openldap restart => NO REPLICATION!!!
3. chown ldap:ldap /var/lib/ldap/replica => WORKS!
Actual results:

Expected results:

Additional info:
Comment 1 Mohamed Eldesoky 2004-12-15 10:33:26 EST
Confirmed on RHEL3 Update 3

Now the question: what are the correct permissions for the files
inside that directory?
Comment 2 NN 2004-12-15 10:58:28 EST
The correct permission should already be set. Only the OpenLDAP 
user should have access to this directory as far as I can see!
=> So it is 700!

Update to No. 3:
3.a) chmod 700 /var/lib/ldap/replica
3.b) chown ldap:ldap /var/lib/ldap/replica => WORKS!
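
A check for the state discussed in this report, as an added example that is not part of the original bug thread: it compares a directory's owner, group and mode against expected values (the thread's `ldap:ldap` and `700` for `/var/lib/ldap/replica`). The function name `check_dir`, its return codes and the `replica` argument are assumptions of this example, and it relies on GNU `stat`.

```shell
#!/bin/sh
# Added example (not from the bug report). check_dir and its return
# codes are hypothetical names chosen for this illustration.
# Usage: check_dir DIR OWNER GROUP MODE
# Returns 0 if DIR matches, 1 on any mismatch, 2 if DIR is missing.
check_dir() {
    dir=$1 want_owner=$2 want_group=$3 want_mode=$4
    if [ ! -d "$dir" ]; then
        echo "MISSING  $dir"
        return 2
    fi
    # GNU stat: %U = owner name, %G = group name, %a = octal mode
    set -- $(stat -c '%U %G %a' "$dir")
    owner=$1 group=$2 mode=$3
    rc=0
    if [ "$owner" != "$want_owner" ] || [ "$group" != "$want_group" ]; then
        echo "OWNER    $dir is $owner:$group, expected $want_owner:$want_group"
        rc=1
    fi
    if [ "$mode" != "$want_mode" ]; then
        echo "MODE     $dir is $mode, expected $want_mode"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK       $dir $owner:$group $mode"
    fi
    return "$rc"
}

# Check the directory from the report when invoked with "replica",
# e.g. after restarting the service or from a cron job.
if [ "${1:-}" = "replica" ]; then
    check_dir /var/lib/ldap/replica ldap ldap 700
fi
```

Running the check after every package update or service restart catches the case from the report where the directory is recreated with owner `root`.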
Comment 3 Matthew Miller 2005-04-26 12:11:37 EDT
Fedora Core 2 is now maintained by the Fedora Legacy project for
security updates only. If this problem is a security issue, please
reopen and reassign to the Fedora Legacy product. If it is not a
security issue and hasn't been resolved in the current FC3 updates or
in the FC4 test release, reopen and change the version to match.
Comment 4 John Thacker 2006-10-28 13:01:14 EDT
Switching to RHEL 3 Update 3, since FC2 is no longer supported.
Comment 5 RHEL Product and Program Management 2007-10-19 15:12:23 EDT
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
For more information of the RHEL errata support policy, please visit:
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.