Comment 9 for bug 463684

Adrian Custer (acuster) wrote :

Hey Julián,

Thanks for doing that work. I have not had time to read your edits on doc.ubuntu.com in detail yet, but want to add an issue worth mentioning in these pages.

If one tries to create a second branch on the DIT, openldap wants to store that in a separate backend. If we want to do this next to the initial backend, on /var/lib/ldap2/ for example, then apparmor kicks in to block slapd from writing to a directory it has not been authorized to hit. The error message generated by openldap does not prove very helpful---I was only saved by finding a message on the subject on the web.

It would be useful to mention that apparmor might become an issue for any expansion of the DIT to a second backend. It would also be elegant to explain how to modify apparmor correctly to allow this second backend, but that's getting far afield so I could understand mentioning the issue and moving on. I personally hacked my apparmor quick and dirty but am not working on a production server.

cheers, --adrian
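
The problem described in this comment can be checked before a second backend is created. The following is an added example, not part of the original comment or of any Ubuntu or OpenLDAP tooling: it reads a slapd AppArmor profile, reports backend directories with no write rule, and prints rules scoped to that directory only. The profile excerpt, the probe file name `id2entry.bdb` and the function names are constructed for illustration; only plain path rules with `*`, `**` and `?` globs are handled, and `deny` rules are ignored.

```python
import re

# Constructed excerpt modelled on a slapd profile (not copied from a real system).
SAMPLE_PROFILE = """
/usr/sbin/slapd {
  /etc/ldap/** r,
  /var/lib/ldap/ r,
  /var/lib/ldap/** rwk,
  /var/run/slapd/* w,
}
"""

# "[owner] <path> <mode>," rules; profile headers and deny rules do not match.
RULE = re.compile(r"^\s*(?:owner\s+)?(/\S*)\s+([a-zA-Z]+),\s*(?:#.*)?$")
GLOBS = {"**": ".*", "*": "[^/]*", "?": "[^/]"}


def glob_to_regex(glob):
    """Translate AppArmor globs: * stays inside one path component, ** crosses '/'."""
    parts = re.split(r"(\*\*|\*|\?)", glob)
    return re.compile("".join(GLOBS.get(p, re.escape(p)) for p in parts) + r"\Z")


def writable_rules(profile_text):
    """Compiled path patterns of every rule whose mode includes 'w'."""
    matches = (RULE.match(line) for line in profile_text.splitlines())
    return [glob_to_regex(m.group(1)) for m in matches if m and "w" in m.group(2)]


def blocked_backends(profile_text, db_dirs, probe="id2entry.bdb"):
    """Backend directories in which slapd could not write a database file."""
    rules = writable_rules(profile_text)
    return [d for d in db_dirs
            if not any(r.match(d.rstrip("/") + "/" + probe) for r in rules)]


def suggested_rules(db_dir):
    """Rules limited to one directory, mirroring the existing backend's pattern."""
    d = db_dir.rstrip("/")
    return [f"  {d}/ r,", f"  {d}/** rwk,"]


if __name__ == "__main__":
    for d in blocked_backends(SAMPLE_PROFILE, ["/var/lib/ldap", "/var/lib/ldap2/"]):
        print(f"slapd cannot write under: {d}")
        print("\n".join(suggested_rules(d)))
```

After adding the printed rules to the slapd profile, reload it (for example with `apparmor_parser -r`) so the profile stays in enforce mode with access widened to the new directory only.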