Bug 370411 - RPM for openldap ppolicy overlay module (patch included)
RPM for openldap ppolicy overlay module (patch included)
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: openldap (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Jan Safranek
Depends On:
  Show dependency treegraph
Reported: 2007-11-07 16:40 EST by James Saint-Rossy
Modified: 2009-01-20 15:53 EST (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-01-20 15:53:35 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Patch to generate openldap-servers-ppolicy RPM (2.83 KB, patch)
2007-11-07 16:40 EST, James Saint-Rossy
no flags Details | Diff

  None (edit)
Description James Saint-Rossy 2007-11-07 16:40:43 EST
Description of problem:

The is no RPM available on the RHN to provide the ppolicy overlay module for

The overlay provides a variety of password control mechanisms. They include
password aging--both minimum and maximum ages, password reuse and duplication
control, account time-outs, mandatory password resets, acceptable password
content, and even grace logins. 

Version-Release number of selected component (if applicable):
All versions including openldap-2.3.27-8

How reproducible:

Steps to Reproduce:
1.  edit slapd.conf and add
      modulepath    /usr/lib64/openldap
      moduleload      ppolicy.la
2.  Restart slapd
      service ldap restart
Actual results:
Stopping slapd:                                            [  OK  ]
Checking configuration files for slapd:  lt_dlopenext failed: (ppolicy.la) file
not found
slaptest: bad configuration file!

Expected results:
Stopping slapd:                                            [  OK  ]
Checking configuration files for slapd:  config file testing succeeded
                                                           [  OK  ]
Starting slapd:                                            [  OK  ]

Additional info:

I have attached a patch to be applied to the openldap.spec file.  This will
create a separate RPM called openldap-servers-ppolicy-2.3.27-8.arch.rpm which is
similar to how the sql overlay module is created.
Comment 1 James Saint-Rossy 2007-11-07 16:40:43 EST
Created attachment 250921 [details]
Patch to generate openldap-servers-ppolicy RPM
Comment 2 Johan Kok 2008-04-05 05:32:40 EDT
Just found out that the man pages for ppolicy are currently in the openldap-servers package, but the 
module itself is not. Is it possible to either add the module to the openldap-servers package or package 
both manual and module in a separate openldap-servers-ppolicy rpm? Thanks! 
Comment 3 John O'Loughlin 2008-04-05 18:06:33 EDT
Similarly, the syncprov module is not in the openldap-servers rpm and I can't
find a seperate rpm for it. Although, as above, the documentation for the module
is included:

[root@eps-ldap01 ~]# rpm -ql openldap-servers | grep syncprov

Comment 4 Ralph Angenendt 2008-04-07 06:45:34 EDT
http://bugs.centos.org/view.php?id=2475 has a pointer to rebuilt openldap rpms
which fix that issue (the overlays are in the openldap-overlays rpm). This also
includes smbk5pwd from the contrib directory.
Comment 5 RHEL Product and Program Management 2008-06-09 03:34:24 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
Comment 10 errata-xmlrpc 2009-01-20 15:53:35 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.