Merge ~sergiodj/ubuntu/+source/openldap:bug1557157-bionic into ubuntu/+source/openldap:ubuntu/bionic-devel
| Status: | Merged | ||||
|---|---|---|---|---|---|
| Approved by: | Christian Ehrhardt on 2020-07-03 | ||||
| Approved revision: | bad9e1f9909b883ce6bdb238b3cd20a894e90bf8 | ||||
| Merge reported by: | Andreas Hasenack | ||||
| Merged at revision: | bad9e1f9909b883ce6bdb238b3cd20a894e90bf8 | ||||
| Proposed branch: | ~sergiodj/ubuntu/+source/openldap:bug1557157-bionic | ||||
| Merge into: | ubuntu/+source/openldap:ubuntu/bionic-devel | ||||
| Diff against target: |
34 lines (+9/-1) 2 files modified
debian/apparmor-profile (+2/-1) debian/changelog (+7/-0) |
||||
| Related bugs: |
|
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Christian Ehrhardt | 2020-06-15 | Approve on 2020-06-16 | |
| Canonical Server Team | 2020-06-16 | Pending | |
| Canonical Server Core Reviewers | 2020-06-15 | Pending | |
|
Review via email:
|
|||
Description of the change
When using openldap with sasl authentication, the slapd process will communicate with the saslauthd daemon via a socket in {,/var}
This simple change implements the fix to allow the authentication process to happen.
It's possible to test it by doing:
$ lxc launch ubuntu-daily:bionic openldap-
$ lxc shell openldap-
# apt install slapd sasl2-bin ldap-utils apparmor-utils
(As the domain name, use "example.com").
# sed -i -e 's/^START=
# cat > /etc/ldap/
mech_list: PLAIN
pwcheck_method: saslauthd
__EOF__
# adduser openldap sasl
# aa-enforce /etc/apparmor.
# systemctl restart slapd.service
# systemctl restart saslauthd.service
# passwd root
(You can choose any password here. You will need to type it when running the next command.)
# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root -Y PLAIN
If you are using the fixed package, you will see something like:
SASL username: root
SASL SSF: 0
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
There is a PPA here: https:/
autopkgtest is still happy (well, because of a bug, there is no d/tests/control file, so no tests are run):
autopkgtest [11:57:32]: build not needed
* SKIP no tests in this package
autopkgtest [11:57:32]: @@@@@@@
* SKIP no tests in this package
| Christian Ehrhardt (paelzer) wrote : | # |
This was reviewed but not yet uploaded, should be combined with the SRU for bug 1866303
| Andreas Hasenack (ahasenack) wrote : | # |
I'll pull this in
| Andreas Hasenack (ahasenack) wrote : | # |
I included it and uploaded together with my fix. I'll leave this MP as is, hoping the importer will close it as soon as the upload is accepted, but if that's not the case, it can be set to "merged" manually at that time.
| Andreas Hasenack (ahasenack) wrote : | # |
This was released into updates already.
Change itself LGTM, is is small simple and reasonable.