[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: using {CRYPT} for rootpw, using SHA512?

Brian Reichert wrote:

On Thu, Aug 14, 2014 at 01:48:20PM -0700, Quanah Gibson-Mount wrote:

--On Thursday, August 14, 2014 2:45 PM -0700 Quanah Gibson-Mount
<quanah@zimbra.com> wrote:


SHA512 works fine for me with 2.4.39.


I concede, it should be straightforward.


More specifically, I build openldap myself,


That was my first speedbump, oddly enough.

This is a CentOS 6.5 box.  I removed CentOS's openldap-servers and
openldap-clients RPMs.  The core openldap RPM is still in place,
as CentOS has somee dependancies.

I installed openldap-ltb-2.4.39-2.el6.x86_64.rpm and
berkeleydb-ltb-4.6.21.NC-4.el6.patch4.x86_64.rpm from the LTB repo.
Successfully spun up slapd, using the shiny new mdb backend I
referred to in another thread.

Then:

   # lwp-download ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.39.tgz
   # tar -zxf openldap-2.4.39.tgz
   # cd openldap-2.4.39
   # ./configure
   ...
   checking db.h usability... no
   checking db.h presence... no
   checking for db.h... no
   configure: error: BDB/HDB: BerkeleyDB not available
   # rpm -q db4 berkeleydb-ltb
   db4-4.7.25-18.el6_4.x86_64
   berkeleydb-ltb-4.6.21.NC-4.el6.patch4.x86_64


Most likely you only installed the library, but you need the -devel package.
You could, of course, also configure --disable-bdb --disable-hdb and ignore it, since you're using mdb. 

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/