From Bugzilla Helper: User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-1t i686) The openldap libraries try to open a config file in the "current" directory. This is especially annoying if you use LDAP to supply user and / or autofs information which leads to (best case) annoying file system accesses in the current directory when doing "ls" or (worst case) possible security problems if someone puts an ldaprc file in the current directory which does point to a different server or ldap directory. Reproducible: Always Steps to Reproduce: 1. use LDAP for e.g. User information 2. do "ls -la" 3. watch filesystem accesses (strace -etrace=open .... ) [...] open("/etc/openldap/ldap.conf", O_RDONLY) = 3 open("/root/ldaprc", O_RDONLY) = -1 ENOENT (No such file or directory) open("/root/.ldaprc", O_RDONLY) = -1 ENOENT (No such file or directory) open("ldaprc", O_RDONLY) = -1 ENOENT (No such file or directory) [...] Please add the attached patch to the next RPM --- openldap-2.0.7/libraries/libldap/init.c~ Wed Sep 13 02:42:34 2000 +++ openldap-2.0.7/libraries/libldap/init.c Mon Apr 30 18:15:23 2001 @@ -278,9 +278,6 @@ if(path != NULL) { LDAP_FREE(path); } - - /* try file */ - openldap_ldap_init_w_conf(file, 1); }
Created attachment 16846 [details] patch as above as file attachment
Opened the bug with openldap too, ( # 1131)
The patch will be added to openldap-2.0.11-5. Thanks!