Project

General

Profile

Bug #16432

Updated by François ARMAND almost 5 years ago

When migrating Rudder from 5.0 to 6.0 (on centos 7, but no reason it will be better elsewhere), slapd won't start anymore.  

 First, it complains about right access to /opt/rudder/run/slapd.pid. It's because the line about it was removed from @/opt/rudder/etc/openldap/slapd.conf@.  

 It's because we have a new @/opt/rudder/etc/openldap/slapd.conf.rpmnew@.  

 Beut then, you move @/opt/rudder/etc/openldap/slapd.conf.rpmnew@ to @/opt/rudder/etc/openldap/slapd.conf@, we still have authorisation errors: 

 <pre> 
 Dec 18 12:40:30 server systemd[1]: Starting Rudder OpenLDAP Server Daemon... 
 Dec 18 12:40:30 server rudder-slapd[11392]: @(#) $OpenLDAP: slapd 2.4.47 (Dec 15 2019 01:39:55) $ 
                                                     root@centos-builder-7-64:/usr/src/rudder-packages/package/SOURCES/openldap-source/servers/slapd 
 Dec 18 12:40:30 server rudder-slapd[11392]: could not open config file "/opt/rudder/etc/openldap/slapd.conf": Permission denied (13) 
 Dec 18 12:40:30 server rudder-slapd[11392]: rudder-slapd destroy: freeing system resources. 
 Dec 18 12:40:30 server rudder-slapd[11392]: slapd stopped. 
 </pre>  

 The file exists and is readable, and I tested with "setenforce 0".  

 I needed to gave read rights to "others" to be able to start slapd.

Back