[Bug 338952] New: YaST module ldap-server - acl package is missing - Cannot write TLS Settings
https://bugzilla.novell.com/show_bug.cgi?id=338952 Summary: YaST module ldap-server - acl package is missing - Cannot write TLS Settings Product: openSUSE 10.3 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: alofflambas@gmail.com QAContact: jsrain@novell.com Found By: --- I tried to use 'Common Server Certificate' with ldap and it needs the tools from the acl package. Solve it with just installing the package. $ zypper in acl YaST doesn't also change the variable in /etc/sysconfig/openldap when I'm enable TLS support. OPENLDAP_START_LDAPS="yes" I need to change it by my self. ## y2log ## 2007-11-03 14:00:15 <2> misa(6784) [Parser] ldap-server/tree_structure.ycp:903 Warning: find(...) is deprecated, please fix 2007-11-03 14:00:15 <2> misa(6784) [Parser] ldap-server/tree_structure.ycp:923 Warning: find(...) is deprecated, please fix 2007-11-03 14:00:16 <2> misa(6784) [Parser] ldap-server/dialogs.ycp:102 Warning: Format string is not constant, no parameter checking possible 2007-11-03 14:00:16 <2> misa(6784) [Parser] ldap-server/dialogs.ycp:249 Warning: find(...) is deprecated, please fix 2007-11-03 14:00:17 <0> misa(6791) [Perl] servers_non_y2/ag_ldapserver(ag_ldapserver::__init_rec):876 starting new <schemainclude> with value at position <2> 2007-11-03 14:00:17 <0> misa(6791) [Perl] servers_non_y2/ag_ldapserver(ag_ldapserver::__init_rec):876 starting new <schemainclude> with value at position <3> 2007-11-03 14:00:17 <0> misa(6791) [Perl] servers_non_y2/ag_ldapserver(ag_ldapserver::__init_rec):876 starting new <schemainclude> with value at position <4> 2007-11-03 14:00:17 <0> misa(6791) [Perl] servers_non_y2/ag_ldapserver(ag_ldapserver::__init_rec):876 starting new <schemainclude> with value at position <5> 2007-11-03 14:00:59 <3> misa(6784) [bash] ShellCommand.cc(shellcommand):78 sh: /usr/bin/setfacl: No such file or directory 2007-11-03 14:00:59 <3> misa(6784) [-e] SCR_EXECUTE_ERROR[1906:/usr/share/YaST2/modules/YaPI/LdapServer.pm] Can not set a filesystem acl on the private key 2007-11-03 14:00:59 <3> misa(6784) [-e] Description: setfacl -m u:ldap:r /etc/ssl/servercerts/serverkey.pem failed. 2007-11-03 14:02:32 <3> misa(6784) [YCP] Report.ycp:484 Cannot write 'TLS Settings'. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=338952
Cyril Hrubis
https://bugzilla.novell.com/show_bug.cgi?id=338952#c1
Thomas Göttlicher
https://bugzilla.novell.com/show_bug.cgi?id=338952
Ralf Haferkamp
https://bugzilla.novell.com/show_bug.cgi?id=338952#c2
Ralf Haferkamp
I tried to use 'Common Server Certificate' with ldap and it needs the tools from the acl package. Solve it with just installing the package. $ zypper in acl Moving to 11.0 to fix it for the next openSUSE release.
YaST doesn't also change the variable in /etc/sysconfig/openldap when I'm enable TLS support. OPENLDAP_START_LDAPS="yes" I need to change it by my self. The OPENLDAP_START_LDAPS is not necessarily needed to use TLS. That's why we don't enable it by default. Most LDAP clients support StartTLS nowadays. I'll treat this part as a feature request and move it to FATE, our feature tracking tool.
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=338952
User rhafer@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=338952#c3
--- Comment #3 from Ralf Haferkamp
https://bugzilla.novell.com/show_bug.cgi?id=338952
User rhafer@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=338952#c4
Ralf Haferkamp
participants (1)
-
bugzilla_noreply@novell.com