The fix for bug 181032 is causing nsslapd-timelimit of -1 to be disallowed. In 7.1 and according to RHDS 8.0 manual, -1 means infinite time limit. 7.1 had some code that indicated someone might have thought <0 was illegal, but that code didn't do anything. In 8.0 the code returns operations error.
Created attachment 322795 [details] trivial fix proposal
The fix in comment#1 looks good, and is consistent with the behavior outlines in the documentation. Checked fix into ldapserver (HEAD). Checking in ldap/servers/slapd/libglobs.c; /cvs/dirsec/ldapserver/ldap/servers/slapd/libglobs.c,v <-- libglobs.c new revision: 1.30; previous revision: 1.29 done
fix verified RHEL 4 [root@jennyv4 jenny]# ldapsearch -x -h `hostname` -p 389 -D "cn=Directory Manager" -w Secret123 -b "cn=config" | grep nsslapd-timelimit nsslapd-timelimit: 3600 nsslapd-timelimit: 3600 1. stop server 2. edit dse.ldif nsslapd-timelimit: -1 3. start server - no errors [root@jennyv4 jenny]# ldapsearch -x -h `hostname` -p 389 -D "cn=Directory Manager" -w Secret123 -b "cn=config" | grep nsslapd-timelimit nsslapd-timelimit: -1 nsslapd-timelimit: 3600 second attributes belong to container: dn: cn=default instance config,cn=chaining database,cn=plugins,cn=config
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2009-0455.html