
Re: openLDAP with Berkeley DB - "Permission denied" problems after setting different data and log directories in DB_CONFIG



By default, the Ubuntu AppArmor profile for slapd prevents it from writing databases to anywhere but /var/lib/ldap.  You'll need to modify the usr.sbin.slapd profile in /etc/apparmor.d to correct the problem.
Matt

On Mon, Jun 15, 2009 at 10:21 AM, Klaus Lemkau <klaus.lemkau@tu-berlin.de> wrote:
Hi Francesco,


Francesco Cicolani wrote:
Hi Klaus,

thx for your reply.

I checked ownership and permissions on /var/lib/ldap:
francesco@bob:/var/lib$ ls -l | grep ldap
drwxr-xr-x   5 openldap      openldap      4096 2009-06-15 17:03 ldap
that are only the permissions of the directory
 /var/lib/ldap

maybe You accidentally changed the owner of the files in the directory?
So what's the output of
 ls -l /var/lib/ldap/*
?
is that the directory You specified in Your slapd-config-file?



while the two subdirs I'm trying to place bdb data files and logs have:
francesco@bob:/var/lib$ ls -l ldap
[...]
drwxr-xr-x 2 openldap openldap    4096 2009-06-14 18:39 bdbdata
drwxr-xr-x 2 openldap openldap    4096 2009-06-14 18:39 bdblogs
[...]
the same as above:
 ls -l /var/lib/ldap/bdbdata/
 ls -l /var/lib/ldap/bdblogs/

Greetings
Klaus



During test, I also tried to change permissions on bdbdata and bdblogs to 775 and even 777: but I had no success in getting bdb log.0000000001 accessible when placed in bdblogs.

I'm running short of ideas... I'm even wondering if someone else had similar problems when trying to set different dir for data files and logs...

see you
fra

--- On Sun, 6/14/09, Klaus Lemkau <klaus.lemkau@tu-berlin.de> wrote:

From: Klaus Lemkau <klaus.lemkau@tu-berlin.de>
Subject: Re: openLDAP with Berkeley DB - "Permission denied" problems after setting different data and log directories in DB_CONFIG
To: "Francesco Cicolani" <francescocicolani@yahoo.it>
Cc: openldap-technical@openldap.org
Date: Sunday, June 14, 2009, 9:03 PM

Hi Francesco,

likely the files in
/var/lib/ldap/
have the wrong owner (root?).

chown -R openldap:openldap /var/lib/ldap
should solve Your problem.

Greetings
Klaus
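
Added example, not part of the original thread: one way to confirm that AppArmor, rather than file ownership, is what refuses slapd access to the new BDB directories is to pull the slapd denials out of the kernel log. The sample log lines are constructed and assume the `apparmor="DENIED"` audit format of current kernels (the format on a 2009 Ubuntu release may differ); the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample kernel log lines (not taken from the thread).
sample_log() {
cat <<'EOF'
Jun 15 17:03:11 bob kernel: audit: type=1400 audit(1245078191.101:21): apparmor="DENIED" operation="mknod" profile="/usr/sbin/slapd" name="/var/lib/ldap/bdblogs/log.0000000001" pid=4242 comm="slapd" requested_mask="c" denied_mask="c" fsuid=108 ouid=108
Jun 15 17:03:11 bob kernel: audit: type=1400 audit(1245078191.102:22): apparmor="DENIED" operation="open" profile="/usr/sbin/slapd" name="/var/lib/ldap/bdbdata/id2entry.bdb" pid=4242 comm="slapd" requested_mask="rw" denied_mask="rw" fsuid=108 ouid=108
Jun 15 17:03:11 bob kernel: audit: type=1400 audit(1245078191.103:23): apparmor="DENIED" operation="open" profile="/usr/sbin/slapd" name="/var/lib/ldap/bdbdata/id2entry.bdb" pid=4242 comm="slapd" requested_mask="rw" denied_mask="rw" fsuid=108 ouid=108
Jun 15 17:03:12 bob kernel: audit: type=1400 audit(1245078192.000:24): apparmor="DENIED" operation="open" profile="/usr/sbin/cupsd" name="/etc/shadow" pid=900 comm="cupsd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Jun 15 17:03:13 bob slapd[4242]: constructed non-audit line mentioning /var/lib/ldap
EOF
}

# Read log lines on stdin; print "denied_mask path" once per distinct denial
# recorded against the slapd profile. Other profiles and non-audit lines are ignored.
slapd_denials() {
    grep 'apparmor="DENIED"' |
    grep -E 'profile="(/usr/sbin/)?slapd"' |
    sed -n 's/.* name="\([^"]*\)".* denied_mask="\([^"]*\)".*/\2 \1/p' |
    LC_ALL=C sort -u
}

# Reduce the denials to the directories the profile does not cover,
# i.e. the paths that need rules in /etc/apparmor.d/usr.sbin.slapd.
denied_dirs() {
    slapd_denials | sed -e 's/^[^ ]* //' -e 's|/[^/]*$||' | LC_ALL=C sort -u
}

# Stand-alone run on the constructed sample; on a live system feed the
# kernel log instead, e.g.: dmesg | denied_dirs
sample_log | denied_dirs
```

If the new data and log directories show up in this output while `ls -l` shows them owned by openldap, the denial comes from the profile and not from file permissions.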