Bug 162691 - LDAP init script starts daemon with invalid syntax, outputs parse error in debug mode
LDAP init script starts daemon with invalid syntax, outputs parse error in de...
Status: CLOSED WORKSFORME
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: openldap (Show other bugs)
4.0
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: Jan Safranek
Jay Turner
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-07-07 14:06 EDT by Eli Stair
Modified: 2015-01-07 19:10 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-04 04:56:40 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Eli Stair 2005-07-07 14:06:05 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4

Description of problem:
The default init script (/etc/rc.d/init.d/ldap) performs a check of the config file (/etc/openldap/slapd.conf) to check for whether to run over an SSL port by grepping for /^TLS/.

If TLS options are _not_ set, the daemon is started with:
  -u ldap -h "ldap:///" 
And results in a proper startup:
  <snip>
daemon_init: listen on ldap:///
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap:///)
daemon: initialized ldap:///
daemon_init: 2 listeners opened
slapd init: initiated server.
slap_sasl_init: initialized!
  </snip>

If TLS options are set, the daemon is started with:
  -u ldap -h '"ldap:/// ldaps:///"'
And results in:
  <snip>
daemon_init: listen on "ldap:///
daemon_init: listen on ldaps:///"
daemon_init: 2 listeners to open...
ldap_url_parse_ext("ldap:///)
daemon: listen URL ""ldap:///" parse error=3
slapd stopped.
connections_destroy: nothing to destroy.
  </snip>
When removing the single quotes from the URL spec results in a proper startup:
  <snip>
daemon_init: listen on ldap:///
daemon_init: listen on ldaps:///
daemon_init: 2 listeners to open...
ldap_url_parse_ext(ldap:///)
daemon: initialized ldap:///
ldap_url_parse_ext(ldaps:///)
daemon: initialized ldaps:///
daemon_init: 4 listeners opened
slapd init: initiated server.
slap_sasl_init: initialized!
  </snip>


Version-Release number of selected component (if applicable):
openldap-servers-2.2.13-2

How reproducible:
Always

Steps to Reproduce:
1. Install openldap server RPM.
2. Create certs and specify with TLS* lines.
3. Watch it burn.  

  

Actual Results:  Doesn't start the slapd daemon.

Expected Results:  Should start the slapd daemon.

Additional info:

This reminds me of the previous init script for EL3 bind9 initscript that didn't work with chroot... simple fix also.
Comment 1 Jan Safranek 2007-06-04 04:56:40 EDT
It seems to me that the single quote is there intentionally - the daemon()
function removes it (at least in RHEL-4.5) and slapd is called with -u "ldap:///
ldaps:///".

Note You need to log in before you can comment on or make changes to this bug.