Permissions for ldapi:// socket are too restrictive
Bug #114438 reported by
Martin Emrich
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| openldap2.2 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
| Dapper |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
On dapper i386, slapd creates the ldapi:// socket with
srwxr-xr-x 1 root root 0 2007-05-03 19:24 /var/run/ldapi
So only root processes can communicate with slapd via the unix socket. After setting it to
srwxrwxrwx 1 root root 0 2007-05-03 19:33 /var/run/ldapi
libnss-ldap et.al. work properly. I found this thread on the openldap mailing list:
http://
I fixed it here by adding these three lines right after start_slapd and start_slurpd in my /etc/init.d/slapd file:
if [ -S /var/run/ldapi ]; then
fi
Ciao
Martin
Revision history for this message
| Mathias Gug (mathiaz) wrote | #1 |
| Changed in openldap2.2: | |
| status: | New → Fix Released |
Revision history for this message
| JC Hulce (soaringsky) wrote | #2 |
| Changed in openldap2.2 (Ubuntu Dapper): | |
| status: | New → Invalid |
To post a comment you must log in.
Thank you for taking the time to report this bug and helping to make Ubuntu better. However, I am closing it because the bug has been fixed in the latest development version of Ubuntu - the Intrepid Ibex.
This is a signficant bug in Ubuntu. If you need a fix for the bug in previous versions of Ubuntu, please do steps 1 and 2 of the SRU Procedure [1] to bring the need to a developer's attention.
[1]: [WWW] https:/