[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Looks like a bug 8'(



Hi I can try to answer the stuff about the version (haven't read much 
of the thread... but here goes).

Try starting your ldap server with debug flag 1

/path/to/libexec/slapd -d 1 -h "ldap://127.0.0.1:389/"; [etc]

For a solaris build that I have, it comes up as (/etc/init.d/slapd is 
a wrapper script I wrote)

root@myserver[4] /etc/init.d/slapd debug
starting slapd in debug mode: 1
@(#) $OpenLDAP: slapd 2.0.27-Release (Mon Jan  6 13:05:15 PST 2003) $
        root@pinnacle:/work/openldap-2.0.27/servers/slapd
daemon_init: listen on ldap://myserver:389/
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap://myserver:389/)
daemon: initialized ldap://myserver:389/
daemon_init: 1 listeners opened
slapd init: initiated server.
TLS: PRNG not been seeded with enough data
slapd startup: initiated.
slapd starting

Check your DB as well (I've compiled mine against bdb.3.3.11)

HTH

Jan-Michael


----- Original Message -----
From: "Emmanuel Blot" <emmanuel.blot@free.fr>
Date: Sunday, February 2, 2003 3:48 pm
Subject: Re: Looks like a bug 8'(

> > Don't let the folks on the list guess:
> > what exaclty were the circumstances ?
> > - exact OpenLDAP version
> 
> I wish I know how to get the version - I would have reported it if 
> I knew how to obtain it for
> sure.
> I know it's OpenLDAP 2.1.x, but I'm not sure of the build. Perhaps 
> 2.1.4I'm surprised slapd daemon does not have a -v or --version 
> command line swtich: it will help.
> 
> > - Hardware (CPU)
> 
> AMD Athlon 1.1GHz on an AsusTech A7M266 motherboard as far as I 
> remember (this is from a remote
> server)
> 
> > - OS
> 
> Linux 2.4.18 SuSE 8.0 - but I've recompiled OpenLDAP from the 
> source (SuSE 8.0 comes with
> OpenLDAP 2.0.x and I need <= & >= comparison operators in filters)
> I may have the configure log files somewhere. Would that help ?
> 
> > - your input
> 
> Something really basic with ldapsearch:
> 
> ldapsearch -D "uid=<login>,<baseDN>" -b "<baseDN>" -x -W 'cn=<aCN>'
> 
> I guess the problem comes from a specific ACL rule with cn and uid 
> attributes involved
> 
> Something like:
> 
> loglevel 992
> access to attr=uid,cn
>       by group="cn=administrators,<baseDN>" write
>       by users read
>       by * read
> 
> The last-but-one line is useless, but I was trying different 
> syntax at that time: I discovered
> the problem by looking at the syslog output file some seconds later.
> 
> > Is the error reproduceable ?
> 
> Probably, but I did not keep the ACL that led to this issue. I 
> should have, but I'm trying to
> get the ACL to work for over than 1 month, so I focus on this main 
> point since this is getting
> really annoying: I wish I could focus on other issues than ACLs 
> 8') ...
> If I can reproduce this issue, I will keep the ACL.
> 
> Regards,
> Emmanuel.
> 
>