With the updated package from proposed:
Version table:
*** 2.4.45+dfsg-1ubuntu1.6 500
500 http://br.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages
100 /var/lib/dpkg/status
The ldapsearch command works, and there is no apparmor error in dmesg:
root@bionic-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
SASL username: root
SASL SSF: 0
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
bionic verification
First reproducing the problem: dfsg-1ubuntu1. 5 500 br.archive. ubuntu. com/ubuntu bionic-updates/main amd64 Packages br.archive. ubuntu. com/ubuntu bionic- security/ main amd64 Packages dpkg/status
Version table:
*** 2.4.45+
500 http://
500 http://
100 /var/lib/
Command fails: openldap- saslauthd- 1557157: ~# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root -Y PLAIN interactive_ bind_s: Other (e.g., implementation specific) error (80)
root@bionic-
SASL/PLAIN authentication started
Please enter your password:
ldap_sasl_
additional info: SASL(-1): generic failure: Password verification failed
And dmesg shows the apparmor denial: 3.536:453) : apparmor="DENIED" operation="connect" namespace= "root// lxd-bionic- openldap- saslauthd- 1557157_ <var-snap- lxd-common- lxd>" profile= "/usr/sbin/ slapd" name="/ run/saslauthd/ mux" pid=153401 comm="slapd" requested_mask="wr" denied_mask="wr" fsuid=1000111 ouid=1000000
[17283.881912] audit: type=1400 audit(159422877
With the updated package from proposed: dfsg-1ubuntu1. 6 500 br.archive. ubuntu. com/ubuntu bionic- proposed/ main amd64 Packages dpkg/status
Version table:
*** 2.4.45+
500 http://
100 /var/lib/
The ldapsearch command works, and there is no apparmor error in dmesg: openldap- saslauthd- 1557157: ~# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root -Y PLAIN
root@bionic-
SASL/PLAIN authentication started
Please enter your password:
SASL username: root
SASL SSF: 0
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
Bionic verification succeeded.