Permissions for ldapi:// socket are too restrictive
Bug #114438 reported by
Martin Emrich
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openldap2.2 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Dapper |
Invalid
|
Undecided
|
Unassigned |
Bug Description
On dapper i386, slapd creates the ldapi:// socket with
srwxr-xr-x 1 root root 0 2007-05-03 19:24 /var/run/ldapi
So only root processes can communicate with slapd via the unix socket. After setting it to
srwxrwxrwx 1 root root 0 2007-05-03 19:33 /var/run/ldapi
libnss-ldap et.al. work properly. I found this thread on the openldap mailing list:
http://
I fixed it here by adding these three lines right after start_slapd and start_slurpd in my /etc/init.d/slapd file:
if [ -S /var/run/ldapi ]; then
fi
Ciao
Martin
To post a comment you must log in.
Thank you for taking the time to report this bug and helping to make Ubuntu better. However, I am closing it because the bug has been fixed in the latest development version of Ubuntu - the Intrepid Ibex.
This is a signficant bug in Ubuntu. If you need a fix for the bug in previous versions of Ubuntu, please do steps 1 and 2 of the SRU Procedure [1] to bring the need to a developer's attention.
[1]: [WWW] https:/ /wiki.ubuntu. com/StableRelea seUpdates# head-a7a957d3d6 91c2754ba24e508 5481107ed703b49