slapd package configuration aborts due to "ordered_value_sort failed on attr olcAccess" error during Hardy -> Lucid upgrade
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openldap (Ubuntu) |
Fix Released
|
High
|
Thierry Carrez | ||
Lucid |
Fix Released
|
High
|
Thierry Carrez |
Bug Description
I recently upgraded my server from Hardy to Lucid, using "do-release-upgrade -d" from the command line.
When the upgrade process attempted to install the new version of the slapd package, the package installation/
Once I resolved that problem, I re-ran "dpkg --pending --configure", and the configuration script was able to successfully convert my slapd.conf file to the slapd.d configuration directory. However, a second later, I received the following error message:
Starting OpenLDAP: slapd - failed.
The operation failed but no output was produced. For hints on what went
wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
[...]
invoke-rc.d: initscript slapd, action "start" failed.
dpkg: error processing slapd (--configure):
Sure enough, the syslog file contained the following:
Mar 11 20:43:23 suza slapd[7087]: @(#) $OpenLDAP: slapd 2.4.21 (Feb 18 2010 06:12:56) $#012#011buildd
Mar 11 20:43:23 suza slapd[7087]: config error processing olcDatabase=
Mar 11 20:43:23 suza slapd[7087]: slapd stopped.
Since the slapd.postinst returns an exit status in this situation, the slapd package is left in half-configured status.
Related branches
Changed in openldap (Ubuntu Lucid): | |
milestone: | none → ubuntu-10.04-beta-2 |
Changed in openldap (Ubuntu Lucid): | |
assignee: | nobody → Mathias Gug (mathiaz) |
Changed in openldap (Ubuntu Lucid): | |
assignee: | Mathias Gug (mathiaz) → Thierry Carrez (ttx) |
Changed in openldap (Ubuntu Lucid): | |
status: | Confirmed → In Progress |
I found that running "slaptest -F /etc/ldap/slapd.d" generated that same error message.
To investigate further, I used the command line ldap/slapd. d/cn=config/ olcDatabase= {0}config. ldif
slaptest -F /etc/ldap/slapd.d -d 1 2>&1 | grep "\.ldif"
to track down the full path of the file that contained the offending line, which turned out to be
/etc/
I am attaching a copy of that file, as it was created by the slapd.postinst script.
Eventually I was able to track the error down to the following line from that file: cn=localroot, cn=config manage by * break
olcAccess: to * by dn.exact=
When I edited that line to read: cn=localroot, cn=config manage by * break
olcAccess: {1}to * by dn.exact=
and then re-ran the "slaptest" command, the error went away.
I then tried running "dpkg --pending --configure" again... but the postinst script errored out because /var/backups/ *-2.4.9- 0ubuntu0. 8.04.2. ldapdb already existed.
I moved the old backup file out of the way and tried again... only to get the "Starting OpenLDAP: slapd - failed." message again. It turned out that the postinst script had re-converted the slapd.conf file and then re-added the oldAccess line back to the config file, and so slapd was still erroring out.
So I went ahead and edited the grep and sed lines in /var/lib/ dpkg/info/ slapd.postinst (inside the "if previous_ version_ older 2.4.11-0ubuntu1" block) so that the text of the line added there used there included the "{1}".
Then I moved the backup file out of the way and reran "dpkg --pending --configure"... and this time slapd started up successfully, and the slapd package was left in the "installed" state.