[SRU] slapd package cannot be installed when using bash as the default shell

Bug #286063 reported by Gyorgy Nemeth on 2008-10-19
34
This bug affects 3 people
Affects Status Importance Assigned to Milestone
openldap (Ubuntu)
Low
Mathias Gug
Intrepid
Low
Mathias Gug

Bug Description

In Intrepid I'd like to install slapd package and the preinst script gives an error message:
/var/lib/dpkg/tmp.ci/config: line 944: local: can only be used in a function
dpkg: error processing /var/cache/apt/archives/slapd_2.4.11-0ubuntu5_i386.deb (--unpack):
 subprocess pre-installation script returned error exit status 1
Errors were encountered while processing:
 /var/cache/apt/archives/slapd_2.4.11-0ubuntu5_i386.deb

SRU PROCESS
=========

IMPACT
---------

If a system is using /bin/bash as the default sh shell, slapd config script fails during an upgrade from hardy to intrepid.
This is due to the usage of a local statement outside of a function. dash doesn't fail while bash fails.

RESOLUTION
----------------

Remove the local statement in the slapd config script.

PATCH
--------

diff -u openldap-2.4.11/debian/slapd.config openldap-2.4.11/debian/slapd.config
--- openldap-2.4.11/debian/slapd.config
+++ openldap-2.4.11/debian/slapd.config
@@ -185,7 +185,6 @@
                        db_go || true

                        # Make sure the passwords match
- local pass1 pass2
                        db_get slapd/cfgpassword1
                        pass1="$RET"
                        db_get slapd/cfgpassword2

TESTCASE
-------------

Install slapd in hardy.

Change the default shell to bash:

$ sudo ln -sf /bin/bash /bin/sh

Do an upgrade - enter a new password for the cn=config backend.

Expected Result:
The upgrade completes and upon reboot slapd is running with a cn=config backend:

$ ldapsearch -b "cn=config" -D "cn=admin,cn=config" -x -W

The command should return a long list of ldap attributes in ldif format.

Potential regression
--------------------------
None.

Morten Siebuhr (msiebuhr) wrote :

Happens when installing/upgrading the slapd package.

Removing /etc/ldap allow installing the packages. Unfortunatly, it also means that the configuration is not converted to the new ldif format.

Changing the configuration format in /etc/default is my current workaround but it would be very useful to have more information on :

- how to "manually" migrate the configuration
- why the default configuration format was changed ? (what are the benefits).

I didn't saw those information in the NEWS file (maybe I missed them).

Mathias Gug (mathiaz) wrote :

Could you confirm that you're using bash as the default shell? Where does the /bin/sh link point to?

Changed in openldap:
importance: Undecided → Medium
status: New → Incomplete
Morten Siebuhr (msiebuhr) wrote :

I have the following set:

    ~ >ls -lh /bin/sh
    lrwxrwxrwx 1 root root 9 2007-10-28 10:59 /bin/sh -> /bin/bash
    ~ >echo $SHELL
    /usr/bin/tcsh

The local statement is used in the main slapd.config script which is not supported by bash. However dash, the default shell, doesn't complain.

Changed in openldap:
status: Incomplete → Triaged
importance: Medium → Low

On Mon, Oct 27, 2008 at 12:12 PM, Mathias Gug <email address hidden> wrote:
> Could you confirm that you're using bash as the default shell? Where
> does the /bin/sh link point to?

My default shell is bash

$ ls -l /bin/sh
lrwxrwxrwx 1 root root 4 2007-05-15 00:40 /bin/sh -> bash

I understand that default shell is dash but I think an insallscript
shouldn't depend on a concrete shell (or if depends then it should
point on it also in the first line.

--
Friczy

Note that this will cause an upgrade failure for any users who have slapd installed and /bin/sh -> /bin/bash. Since this is a perfectly valid configuration, this should probably be added to the 8.10 release notes, with a recommendation that users temporarily change the default shell to dash (dpkg-reconfigure dash) before starting the upgrade.

Mathias Gug (mathiaz) on 2008-11-05
Changed in openldap:
assignee: nobody → mathiaz
importance: Undecided → Low
status: New → In Progress
Mathias Gug (mathiaz) on 2008-11-05
description: updated
Martin Pitt (pitti) wrote :

Accepted into intrepid-proposed, please test and give feedback here. Please see https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in openldap:
status: In Progress → Fix Committed
Mathias Gug (mathiaz) on 2008-11-05
Changed in openldap:
assignee: nobody → mathiaz
status: Triaged → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openldap - 2.4.11-0ubuntu7

---------------
openldap (2.4.11-0ubuntu7) jaunty; urgency=low

  * Don't use local statement in config script as it fails if /bin/sh
    points to bash (LP: #286063).

 -- Mathias Gug <email address hidden> Tue, 04 Nov 2008 20:03:46 -0500

Changed in openldap:
status: Fix Committed → Fix Released
Martin Pitt (pitti) wrote :

Any testers?

Anderson (amg1127) wrote :

Sorry for the slow response.

Both slapd 2.4.11-0ubuntu6 and 2.4.11-0ubuntu6.1 installed perfectly in my virtual system, with "/bin/sh" pointing to "bash".

In my production server, slapd 2.4.11-0ubuntu6.1 also installed well...

Martin Pitt (pitti) wrote :

Thank you!

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openldap - 2.4.11-0ubuntu6.1

---------------
openldap (2.4.11-0ubuntu6.1) intrepid-proposed; urgency=low

  * Don't use local statement in config script as it fails if /bin/sh
    points to bash (LP: #286063).

 -- Mathias Gug <email address hidden> Tue, 04 Nov 2008 19:12:06 -0500

Changed in openldap:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers