Bug 746758 - minssf should not apply to rootdse
minssf should not apply to rootdse
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: 389-ds-base (Show other bugs)
15
All Linux
unspecified Severity low
: ---
: ---
Assigned To: Rich Megginson
Fedora Extras Quality Assurance
: screened
Depends On:
Blocks: 690319 768086
  Show dependency treegraph
 
Reported: 2011-10-17 13:33 EDT by Jr Aquino
Modified: 2012-08-06 15:58 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 768086 (view as bug list)
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jr Aquino 2011-10-17 13:33:20 EDT
Description of problem:
LDAP Standard requires that rootdse be always available anonymously and unencrypted.

389 DS prevents the lookup when minssf is set and an unencrypted query for rootdse is performed.

How reproducible:
Always

Steps to Reproduce:
1. Set minssf in dse.ldif
2. ldapsearch -x -H ldap://`hostname` -s base -b ""
3. ldap_bind: Server is unwilling to perform (53)
	additional info: Minimum SSF not met.
  
Actual results:
ldap_bind: Server is unwilling to perform (53)
	additional info: Minimum SSF not met.

Expected results:
To return results for rootdse

Additional info:
Comment 2 Rich Megginson 2012-01-09 10:35:54 EST
Upstream ticket:
https://fedorahosted.org/389/ticket/168
Comment 3 Noriko Hosoi 2012-01-18 14:13:03 EST
Fixed.

See https://fedorahosted.org/389/ticket/168#comment:8 for the steps to verify.
Comment 4 Fedora End Of Life 2012-08-06 15:56:10 EDT
This message is a notice that Fedora 15 is now at end of life. Fedora 
has stopped maintaining and issuing updates for Fedora 15. It is 
Fedora's policy to close all bug reports from releases that are no 
longer maintained.  At this time, all open bugs with a Fedora 'version'
of '15' have been closed as WONTFIX.

(Please note: Our normal process is to give advanced warning of this 
occurring, but we forgot to do that. A thousand apologies.)

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, feel free to reopen 
this bug and simply change the 'version' to a later Fedora version.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we were unable to fix it before Fedora 15 reached end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" (top right of this page) and open it against that 
version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 5 Fedora End Of Life 2012-08-06 15:58:29 EDT
This message is a notice that Fedora 15 is now at end of life. Fedora 
has stopped maintaining and issuing updates for Fedora 15. It is 
Fedora's policy to close all bug reports from releases that are no 
longer maintained.  At this time, all open bugs with a Fedora 'version'
of '15' have been closed as WONTFIX.

(Please note: Our normal process is to give advanced warning of this 
occurring, but we forgot to do that. A thousand apologies.)

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, feel free to reopen 
this bug and simply change the 'version' to a later Fedora version.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we were unable to fix it before Fedora 15 reached end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" (top right of this page) and open it against that 
version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping

Note You need to log in before you can comment on or make changes to this bug.