[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Upgrade from 2.4.40 to 2.4.44

To: Quanah Gibson-Mount <quanah@symas.com>
Subject: Re: Upgrade from 2.4.40 to 2.4.44
From: Ondřej Kuzník <ondra@mistotebe.net>
Date: Fri, 15 Sep 2017 17:54:15 +0200
Cc: Ryan Tandy <ryan@nardis.ca>, rammohan ganapavarapu <rammohanganap@gmail.com>, openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <0F9492D9245B8DFC7FFD2490@[192.168.1.30]>
References: <CALm_VjhbmFFmP4qAsT8_yoPvsnWveAPT6O_2j1aibx6zumN+Ag@mail.gmail.com> <WM!2b27804d1962c89ca60ba6b779a9a7b5e4e4ec48313350811fd70226bb045af70095c25acfcf2c6f7407bb706df0f16c!@mailstronghold-3.zmailcloud.com> <4AA27E7AC368477495247EAC@192.168.1.30> <CALm_VjhPWWj8VvAEf1RVW9vt0mMKTZgFZrYOWHY4BU648eYyWA@mail.gmail.com> <CALm_VjjREd+vrnyPzff=CZhLj5Km2db6h0Um1gZikxPKS89uBQ@mail.gmail.com> <WM!e61ec67741ca68ce40722018577bfda7ccba7be6dc42eecc6968ff0f8f2e6b509bda7166b26b0e5ada4446e2073ae18b!@mailstronghold-1.zmailcloud.com> <F324AE13FC863D02F5CF8D73@[192.168.1.30]> <20170915151811.fsmgrmz4kvbha4so@comet.nardis.ca> <WM!1c6b0261b7b43298cd59ea014c5f6f9e70e59ae579f67377e92fd85a265e103512de1c4018c392b114e1fddffad5f905!@mailstronghold-2.zmailcloud.com> <0F9492D9245B8DFC7FFD2490@[192.168.1.30]>
User-agent: Mutt/1.5.23 (2014-03-12)

On Fri, Sep 15, 2017 at 08:28:25AM -0700, Quanah Gibson-Mount wrote:
> --On Friday, September 15, 2017 9:18 AM -0700 Ryan Tandy <ryan@nardis.ca>
> wrote:
> 
>> IIRC slapcat doesn't work in this case, because it fails to initialize
>> the ppolicy module.
>> 
>> The linked CentOS and RHEL bugs recommend downgrading slapd to the
>> previously working version and using ldapmodify.
> 
> Yeah, that's ugly :/  Another reason we really need to get slapmodify out,
> and some way to execute it with an option to not load modules or similar.

I guess I should document how you can do that with slapmodify already.

The easiest way, so for simplicity of explanation let's use slapd.conf,
cn=config can still be used:
- put your broken cn=config into another directory (cn=recovery),
  symlinking might work
- set up a slapd.conf:
  database ldif
  directory <dir>
  suffix cn=recovery
- start slapmodify with above config and no schema checking, make your
  changes to ...,cn=config,cn=recovery
- move your config back where you need it

That's it, no modules loaded and no cn=config checking for this either,
for better or worse.

-- 
Ondřej Kuzník
Senior Software Engineer
Symas Corporation                       http://www.symas.com
Packaged, certified, and supported LDAP solutions powered by OpenLDAP

Follow-Ups:
- Re: Upgrade from 2.4.40 to 2.4.44
  - From: Michael Ströder <michael@stroeder.com>

References:
- Upgrade from 2.4.40 to 2.4.44
  - From: rammohan ganapavarapu <rammohanganap@gmail.com>
- Re: Upgrade from 2.4.40 to 2.4.44
  - From: rammohan ganapavarapu <rammohanganap@gmail.com>
- Re: Upgrade from 2.4.40 to 2.4.44
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Upgrade from 2.4.40 to 2.4.44
  - From: Ryan Tandy <ryan@nardis.ca>
- Re: Upgrade from 2.4.40 to 2.4.44
  - From: Quanah Gibson-Mount <quanah@symas.com>

Prev by Date: Re: Upgrade from 2.4.40 to 2.4.44
Next by Date: Re: Upgrade from 2.4.40 to 2.4.44
Index(es):
- Chronological
- Thread