With the package from proposed:
Version table:
*** 2.4.48+dfsg-1ubuntu1.2 500
500 http://br.archive.ubuntu.com/ubuntu eoan-proposed/main amd64 Packages
100 /var/lib/dpkg/status
ldapsearch works:
root@eoan-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
SASL username: root
SASL SSF: 0
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
Eoan verification
First, reproducing the bug:
Version table: dfsg-1ubuntu1. 1 500 br.archive. ubuntu. com/ubuntu eoan-updates/main amd64 Packages br.archive. ubuntu. com/ubuntu eoan-security/main amd64 Packages dpkg/status
*** 2.4.48+
500 http://
500 http://
100 /var/lib/
ldapsearch fails: openldap- saslauthd- 1557157: ~# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root -Y PLAIN interactive_ bind_s: Other (e.g., implementation specific) error (80)
root@eoan-
SASL/PLAIN authentication started
Please enter your password:
ldap_sasl_
additional info: SASL(-1): generic failure: Password verification failed
And dmesg shows the apparmor DENIED message: 2.756:559) : apparmor="DENIED" operation="connect" namespace= "root// lxd-eoan- openldap- saslauthd- 1557157_ <var-snap- lxd-common- lxd>" profile= "/usr/sbin/ slapd" name="/ run/saslauthd/ mux" pid=162867 comm="slapd" requested_mask="wr" denied_mask="wr" fsuid=1000111 ouid=1000000
[17713.076558] audit: type=1400 audit(159422920
With the package from proposed: dfsg-1ubuntu1. 2 500 br.archive. ubuntu. com/ubuntu eoan-proposed/main amd64 Packages dpkg/status
Version table:
*** 2.4.48+
500 http://
100 /var/lib/
ldapsearch works: openldap- saslauthd- 1557157: ~# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root -Y PLAIN
root@eoan-
SASL/PLAIN authentication started
Please enter your password:
SASL username: root
SASL SSF: 0
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
And there is no DENIED message in dmesg.
eoan verification succeeded.