Red Hat Bugzilla – Bug 612602
openldap-servers doesn't install /etc/openldap/slapd.conf
Last modified: 2013-03-03 20:27:23 EST
Description of problem:
After installation of openldap-servers there is /etc/openldap/slapd.conf.bak but no /etc/openldap/slapd.conf. If I understand the used logic correctly - it should backup old customized config to .bak and install new config. If that view is correct, then the appropriate code should be moved from %post servers to %pre servers, because now the conditional check for upgrade always triggers and kills the installed slapd.conf.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Install openldap-servers.
There is /etc/openldap/slapd.conf.bak but no /etc/openldap/slapd.conf.
There should be /etc/openldap/slapd.conf and /etc/openldap/slapd.conf.bak only if upgrading with customized config.
This is an expected behavior. Configuration file /etc/openldap/slapd.conf is deprecated. The %post scriptlet backups your old slapd.conf (if present) and creates new configuration in /etc/openldap/slapd.d/. No slapd.conf is being installed.
However, slapd.conf.bac is really created even if the configuration was already migrated to new format. This will be fixed.
(In reply to comment #1)
> However, slapd.conf.bac is really created even if the configuration was already
> migrated to new format. This will be fixed.
the file is kept for a purpose. This change has been introduced in F12 and as this bug shows, there are still some people unaware of it. That's why I wanted to keep the file, so user configuration can be preserved in a format user knows. Another reason is that the file can be used to fall back to the old config style, which is not supported, but it is still working.
Maybe the correct thing to do here is to add a comment as the first line of slapd.conf.bak explaining why it is no longer used and why does it still exist.
What do you think?
OK, now there is slapd.conf shipped in binary rpm and all the "hacking" is made in post phase, so probably this could be improved and the slapd.conf not shipped in binary rpm.
Also please note that it is a bit confusing to have slapd.d and also slapd.conf.bak after clean install. Wouldn't be better to install the old config to /usr/share/doc/openldap-servers* as slapd.conf.old or slapd.conf.deprecated or similar?
In the next build, default old style configuration file will be available in /usr/share/openldap-servers as slapd.conf.obsolete.
Backup file /etc/openldap/slapd.conf.bak will be created only if your configuration was migrated from old to new style (during package upgrade).
openldap-2.4.21-10.fc13 has been submitted as an update for Fedora 13.
openldap-2.4.22-6.fc14 in Rawhide
openldap-2.4.21-10.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
The /etc/openldap/slapd.conf situation is confusing to me.
Right now the openldap-servers RPM doesn't install an slapd.conf anywhere except /usr/share/openldap-servers/slapd.conf.obsolete. Based on the comments above this seems to be the desired behavior.
However, Section 14.6 of the Fedora 13 Deployment Guide (http://docs.fedoraproject.org/en-US/Fedora/13/html/Deployment_Guide/s1-ldap-quickstart.html#s2-ldap-files-slapd-conf) explains only how to set up OpenLDAP using slapd.conf. It doesn't mention that the file is deprecated, nor doesn't say anything about /etc/openldap/slapd.d/.
Also there is no note in /etc/openldap/ directing where to go now that /etc/openldap/slapd.conf is gone. I can't find anything in the man pages either.
It seems the documentation is outdated. Please, file a bug against "Fedora Documentation" component.
There is probably no information about configuration format change in manual pages. It can be found in official documentation . And if you are looking for manual pages for new configuration file, try "man slapd-config".
Thanks Jan, I filed a bug against the Fedora Docs (Bug 640706).