[Bug 304698] New: openldap rfc2307bis.schema bogus
https://bugzilla.novell.com/show_bug.cgi?id=304698

           Summary: openldap rfc2307bis.schema bogus
           Product: openSUSE 10.2
           Version: Final
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Basesystem
        AssignedTo: bnc-team-screening@forge.provo.novell.com
        ReportedBy: jengelh@gmx.de
         QAContact: qa@suse.de
          Found By: Beta-Customer

This bug also applies to 10.3/Factory.

In /etc/openldap2/schema/rfc2307bis.schema, we find:

objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top AUXILIARY

but in nis.schema, posixGroup is defined as "SUP top STRUCTURAL". In fact, due to AUXILIARY, I cannot add any groups. Please fix.
https://bugzilla.novell.com/show_bug.cgi?id=304698#c1
--- Comment #1 from Jan Engelhardt
https://bugzilla.novell.com/show_bug.cgi?id=304698
Matej Horvath
https://bugzilla.novell.com/show_bug.cgi?id=304698#c2
Ralf Haferkamp
https://bugzilla.novell.com/show_bug.cgi?id=304698#c3
--- Comment #3 from Jan Engelhardt
https://bugzilla.novell.com/show_bug.cgi?id=304698#c4
--- Comment #4 from Ralf Haferkamp
https://bugzilla.novell.com/show_bug.cgi?id=304698#c5
--- Comment #5 from Jan Engelhardt
https://bugzilla.novell.com/show_bug.cgi?id=304698#c6
--- Comment #6 from Ralf Haferkamp
## namedObject is needed for groups without members
objectclass ( 1.3.6.1.4.1.5322.13.1.1 NAME 'namedObject' SUP top STRUCTURAL MAY cn )

> Which raises the question whether I should always use namedObject..

You could, but then you could also just continue to use nis.schema. The real benefit of rfc2307bis is that you can use "groupOfNames" combined with "posixGroup". "namedObject" is just a kludge to be able to have groups without a member (something that "groupOfNames" does not allow). Using "namedObject" and "groupOfNames" together is not possible because it violates the "only one structural objectclass per Object" rule of LDAP.

> or even convert (in my scripts) from namedObject to groupOfNames once a member is added to the group.

That might be the better approach. (YaST does it this way)
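The structural-class rule and the namedObject-to-groupOfNames conversion discussed in comment #6, as an added Python example that is not part of the original thread or of any SUSE/YaST code. The class kinds follow the thread; the MUST attributes (groupOfNames from OpenLDAP core.schema, posixGroup from the rfc2307bis draft) and the sample entries are assumptions of this sketch.

```python
# Added example, not code from the bug thread. Class kinds follow the thread;
# groupOfNames' MUST list is from OpenLDAP core.schema and posixGroup's from the
# rfc2307bis draft (assumptions). Entries below are constructed sample data.
SCHEMA = {
    "namedObject":  ("STRUCTURAL", set()),
    "groupOfNames": ("STRUCTURAL", {"cn", "member"}),
    "posixGroup":   ("AUXILIARY",  {"gidNumber"}),
}

def violations(entry):
    """List the schema problems of one entry (dict: attribute -> list of values)."""
    classes = [c for c in entry.get("objectClass", []) if c != "top"]
    problems = [f"unknown object class {c}" for c in classes if c not in SCHEMA]
    known = [c for c in classes if c in SCHEMA]
    structural = [c for c in known if SCHEMA[c][0] == "STRUCTURAL"]
    if not structural:
        problems.append("no structural object class")
    elif len(structural) > 1:
        problems.append("more than one structural object class: " + ", ".join(structural))
    for c in known:
        for attr in sorted(SCHEMA[c][1]):
            if not entry.get(attr):
                problems.append(f"{c} requires {attr}")
    return problems

def add_member(entry, member_dn):
    """Return a new entry with member_dn added; the first member turns a
    namedObject group into a groupOfNames group (the conversion from the thread).
    Writing the result back to the directory is outside this sketch."""
    new = {attr: list(values) for attr, values in entry.items()}
    new["objectClass"] = ["groupOfNames" if c == "namedObject" else c
                          for c in new["objectClass"]]
    members = new.setdefault("member", [])
    if member_dn not in members:
        members.append(member_dn)
    return new

EMPTY_GROUP = {"objectClass": ["namedObject", "posixGroup"],
               "cn": ["staff"], "gidNumber": ["1000"]}
AUX_ONLY = {"objectClass": ["posixGroup"], "cn": ["staff"], "gidNumber": ["1000"]}
BOTH = dict(EMPTY_GROUP, objectClass=["namedObject", "groupOfNames", "posixGroup"])

if __name__ == "__main__":
    for name, e in [("empty", EMPTY_GROUP), ("aux only", AUX_ONLY), ("both", BOTH)]:
        print(name, violations(e) or "ok")
    print(add_member(EMPTY_GROUP, "uid=alice,ou=people,dc=example,dc=com"))
```
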
https://bugzilla.novell.com/show_bug.cgi?id=304698#c7
Jan Engelhardt
https://bugzilla.novell.com/show_bug.cgi?id=304698#c8
--- Comment #8 from Ralf Haferkamp