Description of problem:
Seems like opeldap is built without tcp_wrappers support in RHEL6.
Is that by design or a bug?
I believe RHEL5 openldap packages had tcp_wrappers enabled?
I can confirm that this is a regression between RHEL-6 and RHEL-6.1. It was brought in by package rebase.
The fix is easy:
diff -u -r1.130 openldap.spec
--- openldap.spec 20 Sep 2011 11:52:35 -0000 1.130
+++ openldap.spec 4 Oct 2011 09:10:54 -0000
@@ -245,7 +245,7 @@
- --with-wrappers \
+ --enable-wrappers \
Why do we need it?
Well, in RHEL5 I used it for access control.
Of course the server supports ip based acl and there are always iptables available. However, at least the change must be documented.
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
- openldap-server installed
- host based ACLs do not work
- updated configure flags to enable TCP wrappers
- host based ACLs work
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.