2017-09-22 08:01 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0013750CentOS-7openldappublic2017-09-13 09:16
Reporterrolffokkens 
PriorityurgentSeverityblockReproducibilityalways
StatusnewResolutionopen 
Platformx86_64OSCentOSOS Version7 CR
Product Version7.3.1611 
Target VersionFixed in Version 
Summary0013750: Upgrading to CentOS 7 CR breaks openldap server due to ppolicy changes
Descriptionslapd (ldap-server) will no longer start
Steps To ReproduceUse ppolicy
upgrade CentOS to 7.4 CR
Fail to start slapd
TagsNo tags attached.
abrt_hash
URLhttps://lists.ltb-project.org/pipermail/ltb-users/2015-December/000653.html
Attached Files

-Relationships
+Relationships

-Notes

~0029971

TrevorH (developer)

Is this documented in the upstream RHEL 7.4 release notes? https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/

~0029972

TrevorH (developer)

CentOS 7.4 Release Notes https://wiki.centos.org/Manuals/ReleaseNotes/CentOS7.1708 have been updated to include a link to this bug and the mailing list link.

~0029973

rolffokkens (reporter)

The attached script prep-ldap.sh works for my configuration, and may be useful for others. This script should be run prior to the RHEL upgrade to 7.4.

Instead of having you tamper with the slapd config manually, this uses ldapmodify to achieve the same result.

This may be particulary useful in clustered (syncrepl) setups, in which case the modification is distributed over the cluster automatically, depending on your setup.

~0029980

TrevorH (developer)

If you haven't alredy done so then raising a ticket on bugzilla.redhat.com about this would also be a good thing to do so that their release notes can be adjusted to document this too.

~0029982

rolffokkens (reporter)

Reported at https://bugzilla.redhat.com/show_bug.cgi?id=1487857

~0030041

rolffokkens (reporter)

Anticipating "Shooting for 1708 release early next week" (https://twitter.com/CentOS/status/906083174123540481) I would like to know what the situation around openldap will be on release. Will openldap/ppolicy issue be in the 1708 release?

~0030042

TrevorH (developer)

Unless RHEL have patched and released the fix before then (which I doubt), it'll go out exactly how it is now in CR.
+Notes

-Issue History
Date Modified Username Field Change
2017-08-31 14:47 rolffokkens New Issue
2017-08-31 15:02 TrevorH Note Added: 0029971
2017-08-31 15:29 TrevorH Note Added: 0029972
2017-08-31 20:18 rolffokkens File Added: prep-ldap.sh
2017-08-31 20:22 rolffokkens File Added: prep-ldap-2.sh
2017-08-31 20:22 rolffokkens Note Added: 0029973
2017-09-02 11:48 TrevorH Note Added: 0029980
2017-09-02 16:51 rolffokkens Note Added: 0029982
2017-09-13 08:51 rolffokkens Note Added: 0030041
2017-09-13 09:16 TrevorH Note Added: 0030042
+Issue History