[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6907) openldap 2.4.25 segfaults when using apache directory studio to rename objects



--On Wednesday, April 13, 2011 3:09 PM +0000 quanah@zimbra.com wrote:


As a follow up -- This issue is caused by instantiating overlays outside of 
the database.  Specifically this will trigger the problem:

# INCLUDES
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/dyngroup.schema

# RUNFILE LOCATIONS
pidfile	/usr/local/var/run/openldap/slapd.pid
argsfile /usr/local/var/run/openldap/slapd.args

security ssf=127

# MODULES
modulepath /usr/local/libexec/openldap
moduleload back_hdb
moduleload refint
moduleload dynlist
moduleload memberof

# OVERLAYS AND OVERLAY CONFIG
overlay refint
refint_attributes member uniqueMember seeAlso
refint_nothing cn=EMPTY

overlay dynlist
dynlist-attrset  groupOfURLs memberURL member

overlay memberof
memberof-refint TRUE

# DATABASE
database hdb
directory /usr/local/var/openldap-data

# GLOBAL LDAP SETTINGS
suffix "dc=example,dc=org"
rootdn "cn=root,dc=example,dc=org"
rootpw blahblahblah

# SSL / TLS - note - these are all real, valid, issued certs.
TLSCACertificatePath	/etc/ssl/certs
TLSCACertificateFile	/etc/ssl/certs/gd_bundle.crt
TLSCertificateFile	/etc/ssl/certs/ldap.example.org.combined.crt
TLSCertificateKeyFile	/etc/ssl/private/ldap.example.org.key

access to * by * write

# PERFORMANCE
index objectClass eq
index cn eq,sub,pres,approx
index uid eq,sub,pres
index sn eq,sub,approx
index member eq
index givenName eq,sub,approx
index mail eq,sub,approx

#limits
limits users size=10000 size.pr=unlimited



--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration