Description of problem: Please change scripts. And anything else to prevent this.
Could you give us more information? Such as... OS configuration (version, SELinux setup, etc.) DS configuration (e.g., owner(s) of the server(s)?) How to reproduce the problem (did you use Console, ldif2db, ldif2db.pl or something else?) Error message you got (slapd-<id>/logs/errors) If you could let us use your test machine, it'd help us a lot to debug the problem. Thanks, --noriko
This was suggested by richm, that I add this bugzilla. So you can talk to him for more info. Basically with SELinux policy we are setting up the directories that the LDAP program can write to. We are not going to allow it to write to the ldif directory. Rich Suggested that this was the default and should be changed, and asked that I submit a bug report.
Created attachment 120743 [details] background info Sorry, I missed the disscussion on IRC. I attached it to this bug. Thanks!
Verified: PASS test machine: neo.dsdev.sjc.redhat.com Actual test: -------------------- [root@neo ~]# /usr/lib/dirsrv/slapd-neo/db2ldif -n userRoot Exported ldif file: /var/lib/dirsrv/slapd-neo/ldif/neo-userRoot-2007_11_27_153741.ldif ldiffile: /var/lib/dirsrv/slapd-neo/ldif/neo-userRoot-2007_11_27_153741.ldif [27/Nov/2007:15:37:43 -0800] - export userRoot: Processed 9 entries (100%). [27/Nov/2007:15:37:43 -0800] - All database threads now stopped [root@neo ~]# vi /var/lib/dirsrv/slapd-neo/ldif/neo-userRoot-2007_11_27_153741.ldif [root@neo ~]# ------------------------ [root@neo ~]# cat < /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=enforcing # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted