Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 219573

Summary: server should support ldapi (unix domain socket) interface
Product: [Retired] 389 Reporter: Rich Megginson <rmeggins>
Component: Directory ServerAssignee: Rich Megginson <rmeggins>
Status: CLOSED DUPLICATE QA Contact: Chandrasekar Kannan <ckannan>
Severity: medium Docs Contact:
Priority: medium    
Version: 1.0.4CC: abartlet, benl, prowley
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-10-05 16:12:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rich Megginson 2006-12-14 00:23:24 UTC 
(Filed on behalf of abartlet)
The directory server should support the ldapi interface.  This means the server
needs to be able to listen to a unix domain socket.  This may also mean the
server needs to recognize and support LDAP URLs of the form "ldapi://<unix
domain socket>" where <unix domain socket> is the path and filename of the
socket.  This is primarily to support Heimdal kerberos which can already use an
LDAP backend if the LDAP server can listen on a unix domain socket.
Comment 1 Andrew Bartlett 2006-12-14 00:28:08 UTC 
Samba4 would also benifit in particular from ldapi:// and the ability to bind
with a SASL EXTERNAL bind (and then impersonate the actual user, for it's proxy
operation).
Comment 2 Andrew Bartlett 2007-01-31 00:15:06 UTC 
This is also a blocker for Samba4/FDS automated testing, as our test rig creates
a virtual network (using socket_wrapper) that FDS cannot be a part of.  We need
ldapi:// to communicate without using IP networking.

In an attempt to make Samba4's test environment as reproducible as possible, and
to avoid issues with root privilages as low ports, Samba4 operates a virtual
network known as 'socket_wrapper'.  

This wrapper is a #define macro based system, which overloads all socket calls,
and redirects them to a series of unix domain sockets.

The challenge I have is that our testsuite relies on this, but Fedora DS does
not support it.  As such, attempts to connect to localhost:3389 (for example)
are redirected to a local unix domain socket, where of course Fedora DS is not
listening.

For OpenLDAP, we work around this by using ldapi://, which is unmolested by
socket_wrapper.  

Has there been any progress on
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219573

I would rather not waste time constructing proxies in/out of socket_wrapper if I
don't need to.
Comment 3 Rich Megginson 2007-10-05 16:12:42 UTC 

*** This bug has been marked as a duplicate of 229280 ***