[Bug 632051] Re: slapd dist-upgrade chown: invalid argument: `'

mike Bernson mike at mlb.org
Tue Sep 7 21:11:23 BST 2010


batch at work-isp:~$ sudo sh -c "ls -l /etc/ldap/slapd.d/cn=config/olcDatabase*"
ls: cannot access /etc/ldap/slapd.d/cn=config/olcDatabase*: No such file or directory

batch at work-isp:~$ sudo sh -c "grep olcSuffix: /etc/ldap/slapd.d/cn=config/olcDatabase*"
grep: /etc/ldap/slapd.d/cn=config/olcDatabase*: No such file or directory

batch at work-isp:~$ sudo sh -c "grep olcDbDirectory: /etc/ldap/slapd.d/cn=config/olcDatabase*"
grep: /etc/ldap/slapd.d/cn=config/olcDatabase*: No such file or directory

batch at work-isp:~$ ls /etc/ldap
data  ldap.conf  ldap.doc  sasl2  schema  slapd.conf


batch at work-isp:~$ ls -R /etc/ldap
/etc/ldap:
data  ldap.conf  ldap.doc  sasl2  schema  slapd.conf

/etc/ldap/data:
aa         data.ldif.try1  data.ldif.try3  intervivaz.ldif
data.ldif  data.ldif.try2  data.ldif.try4  reload

/etc/ldap/sasl2:

/etc/ldap/schema:
amavis.schema         core.schema         inetorgperson.schema  nis.schema
authldap.schema       cosine.ldif         java.schema           openldap.ldif
authldap.schema.orig  cosine.schema       misc.ldif             openldap.schema
collective.schema     duaconf.schema      misc.schema           pmi.schema
corba.schema          dyngroup.schema     nadf.schema           ppolicy.schema
core.ldif             inetorgperson.ldif  nis.ldif              README


ldap.conf:
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE	dc=example,dc=com
#URI	ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT	12
#TIMELIMIT	15
#DEREF		never

slapd.conf:
# Global section of slapd.conf: schema includes, runtime files, logging,
# loadable modules and server-wide limits.
# Schema files loaded at startup. Lines prefixed with '#' or '##' are
# disabled includes kept for reference.
include /etc/ldap/schema/core.schema
##include /etc/ldap/schema/collective.schema
##include /etc/ldap/schema/corba.schema
include /etc/ldap/schema/cosine.schema
##include /etc/ldap/schema/duaconf.schema
##include /etc/ldap/schema/dyngroup.schema
include /etc/ldap/schema/inetorgperson.schema
##include /etc/ldap/schema/java.schema
#include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/nis.schema
##include /etc/ldap/schema/openldap.schema
##include /etc/ldap/schema/ppolicy.schema
##include /etc/ldap/schema/pmi.schema
#include /usr/local/etc/ldap/samba.schema
#include /usr/local/etc/ldap/sq_prefs.schema
#include /usr/local/etc/ldap/squirrelmail.schema.OpenLDAP-2.1.x
# Locally added schema; the same directory also holds authldap.schema.orig.
include /etc/ldap/schema/authldap.schema

# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile         /var/run/slapd/slapd.pid

# List of arguments that were passed to the server
argsfile        /var/run/slapd/slapd.args
# Read slapd.conf(5) for possible values
# Active level is 'stats' (connections, operations and results); the
# commented alternatives are kept for switching verbosity while debugging.
#loglevel        none
#loglevel         filter stats
loglevel         stats
#loglevel         32767

# Where the dynamically loaded modules are stored
modulepath      /usr/lib/ldap
# back_hdb provides the 'hdb' database backend; syncprov is the syncrepl
# provider overlay module.
moduleload      back_hdb
moduleload      syncprov

# The maximum number of entries that is returned for a search operation
sizelimit 5000

# The tool-threads parameter sets the number of CPUs used
# for indexing.
tool-threads 1

# Definition of the single hdb database: suffix, root identity, on-disk
# location, indexes and Berkeley DB tuning.
# Database-specific directives apply to this database until another
# 'database' directive occurs.
# NOTE(review): the suffix value below has unbalanced quotes as posted
# ("dc="domain"); rootdn uses dc=domain, so this is presumably an artifact of
# redacting the real suffix - confirm against the file on disk.
# NOTE(review): rootpw holds the (redacted) SSHA hash of the rootdn password,
# so this file should be readable only by root and the slapd user.
database        hdb
suffix          "dc="domain"
rootdn          "cn=admin,dc=domain"
rootpw          "{SSHA}<some text for a password>"
directory       "/var/lib/ldap"

# To add indexes, extend the list below and then rebuild them offline:
#/etc/init.d/slapd stop
#slapindex -f /etc/ldap/slapd.conf
#cd /var/lib/ldap; chown openldap:openldap *
#/etc/init.d/slapd start
# (the chown restores ownership of the files in /var/lib/ldap to the
# openldap user after slapindex has been run)

# Equality indexes only; no substring or presence indexes are configured.
index           objectClass,mail,mailbox,associatedDomain eq
index           uid eq
index       uidNumber eq
index       gidNumber eq

# Berkeley DB settings: a cache of 0 GB + 2097152 bytes (2 MiB), and a
# limit of 1500 each for locked objects, locks and lockers.
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
lastmod         on

# Access control for this database. slapd applies the first 'access to'
# clause whose target matches the entry and attribute, then the first
# matching 'by' clause inside it. The rootdn is not subject to these rules.
# Comments are kept above each directive: continuation lines are unwrapped
# before comment processing, so a comment placed between the indented 'by'
# lines would swallow the line that follows it.
#
# Password attributes (userPassword, shadowLastChange) of people entries are
# used by:
# 1) the user, to confirm this is their own record
# 2) PAM, to validate a password for this DN
# 3) PAM, to change a password for this DN
# The regex is anchored start <-> end; this clause is for xxx.ltcd.com style
# names (three dc components before dc=domain, captured as $2, $3 and $4).
# In each password clause: anonymous may only authenticate (bind), the
# dovecot service DN may read the stored hashes, the per-domain admin DN built
# from the captured dc components may write, users may change their own
# values, and everyone else is denied.
# NOTE(review): the separator between the components captured as $3 and $4 is
# '.' (any character) rather than ',' as everywhere else - looks like a typo;
# confirm and tighten so the match cannot span a single RDN value.
# NOTE(review): read access for cn=dovecot exposes every matching password
# hash to that service account; presumably Dovecot compares passwords itself -
# verify whether bind-based authentication ('auth' only) would be enough.
access to dn.regex="^uid=([^,]+),ou=people,dc=([^,]+),dc=([^,]+).dc=([^,]+),dc=domain$"
    attrs=userPassword,shadowLastChange
    by anonymous auth
    by dn.exact="cn=dovecot,dc=global,dc=domain" read
    by dn.exact,expand="cn=admin,dc=$2,dc=$3,dc=$4,dc=domain" write
    by self write
    by * none

# Anchored start <-> end; needed for xxxx.com style names (two dc
# components before dc=domain).
# NOTE(review): this regex defines only three capture groups ($1-$3) but the
# admin DN below expands $4, so that 'by' clause cannot produce the intended
# cn=admin,dc=$2,dc=$3,dc=domain and the domain admin presumably never gets
# write access here. The corrected expansion appears in the next clause.
access to dn.regex="^uid=([^,]+),ou=people,dc=([^,]+),dc=([^,]+),dc=domain$"
    attrs=userPassword,shadowLastChange
    by anonymous auth
    by dn.exact="cn=dovecot,dc=global,dc=domain" read
    by dn.exact,expand="cn=admin,dc=$2,dc=$3,dc=$4,dc=domain" write
    by self write
    by * none

# Anchored start <-> end; needed for xxxx.com style names.
# NOTE(review): the target regex and attrs are identical to the previous
# clause, and slapd stops at the first matching 'access to', so this clause
# (the one with the correct $2/$3 expansion) is never reached. One of the two
# should be removed - most likely the previous one.
access to dn.regex="^uid=([^,]+),ou=people,dc=([^,]+),dc=([^,]+),dc=domain$"
    attrs=userPassword,shadowLastChange
    by anonymous auth
    by dn.exact="cn=dovecot,dc=global,dc=domain" read
    by dn.exact,expand="cn=admin,dc=$2,dc=$3,dc=domain" write
    by self write
    by * none

# Ensure read access to the base for things like
# supportedSASLMechanisms.  Without this you may
# have problems with SASL not knowing what
# mechanisms are available and the like.
# Note that this is covered by the 'access to *'
# ACL below too but if you change that as people
# are wont to do you'll still need this if you
# want SASL (and possibly other things) to work
# happily.
access to dn.base="" by * read

# Catch-all rule. The stock comment said "the admin dn has full write
# access, everyone else can read everything"; the by-clauses it described
# are disabled below and only 'by * read' is active, so no DN is granted
# write by this rule.
#   by anonymous auth
#    by users read
#    by self write

# user after logged in do not bind to get uid and lose login name
# (presumably: clients look up the uid without binding, so anonymous read is
# required - confirm with the author)
# NOTE(review): this grants read on every entry and attribute to everyone,
# anonymous included. Only entries matching the uid=...,ou=people regexes
# above have their password attributes protected; any other entry carrying
# userPassword (for example the cn=dovecot or cn=admin DNs, if they are
# stored in the directory) falls through to this rule and its hash becomes
# readable without binding. A DN-independent rule placed ahead of this one,
# such as 'access to attrs=userPassword,shadowLastChange by self write
# by anonymous auth by * none', would close that gap.
access to *
    by * read

-- 
slapd dist-upgrade chown: invalid argument: `'
https://bugs.launchpad.net/bugs/632051
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.


