Subject: Re: pkg/34183: openldap-server dies silently on startup after fresh install
To: None <gnats-bugs@NetBSD.org>
From: Geert Hendrickx <ghen@NetBSD.org>
List: pkgsrc-bugs
Date: 09/19/2006 08:46:30
On Mon, Sep 18, 2006 at 08:55:02PM +0000, Christoph Badura wrote:
> It is a well-established pkgsrc tradition that we fix programs in pkgsrc
> and offer the patches upstream, so that they originators can incorporate
> our improvements if they want. But we don't make our improvments dependend
> on the good-will of the upstream maintainers.
Yes, we *do* fix portability problems, and some bugs we encounter, but we
intententionally *don't* change program design/behaviour as to save people
from surprises when they switch between systems. As this is not a bug but
a design decision (although I agree it's a poor one), you should discuss it
with the people who designed the program, not those who merely packaged it.
> > > - slapd fails to start because the permissions on $PKG_SYSCONFDIR/openldap and
> > > below don't allow slapd to access the files because they aren't group readable.
> > This dir should be world-readable (755) by default. Only slapd.conf itself
> > should be confidential (750 root:ldap).
>
> > > - the file permissions on /var/openldap/openldap-data are wrong, too.
> > This dir should be created as 700 slapd:ldap.
>
> I don't particularly care what the permissions should be. The package
> doesn't set the permissions so that the software actually works. That
> needs to be fixed in the package.
Ok, let me reword: this dir is *is* created as 700 slapd:ldap.
SLAPD_DIRPERMS= ${SLAPD_USER} ${LDAP_GROUP} 0700
OWN_DIRS_PERMS= ${OPENLDAP_VARDIR}/openldap-data ${SLAPD_DIRPERMS}
Did you read the MESSAGE file? (pkg_info -D openldap-server)
Geert