diff options
| author | Nathan Kinder <nkinder@redhat.com> | 2010-04-21 13:55:33 -0700 |
|---|---|---|
| committer | Nathan Kinder <nkinder@redhat.com> | 2010-04-21 13:55:33 -0700 |
| commit | b70739589cfaa7a8da3faffcc13465d521e7ad20 (patch) | |
| tree | 3251940a8a49996fa1ba375ffd7cddf6bb688f97 | |
| parent | 288953655c3af087c82007d630cf8fb6558e9a9e (diff) | |
| download | ds-b70739589cfaa7a8da3faffcc13465d521e7ad20.tar.gz ds-b70739589cfaa7a8da3faffcc13465d521e7ad20.tar.xz ds-b70739589cfaa7a8da3faffcc13465d521e7ad20.zip | |
Bug 584156 - Remove ldapi socket file during upgrade
The ldapi socket file is only removed when ns-slapd is started
since the server does not have permission to remove it at shutdown.
The causes issues when upgrading to a recetn version that has
SELinux policy since the newly confined ns-slapd daemon will not
be allowed to remove the old ldapi socket file since it doesn't
have a dirsrv specific label. To deal with this, I've added an
upgrade scriptlet that will remove the ldapi socket file. When
the newly confined ns-slapd starts up, it will create a new
socket file with the proper label.
| -rw-r--r-- | Makefile.am | 1 | ||||
| -rwxr-xr-x | Makefile.in | 3 | ||||
| -rw-r--r-- | ldap/admin/src/scripts/10cleanupldapi.pl | 23 |
3 files changed, 26 insertions, 1 deletions
diff --git a/Makefile.am b/Makefile.am index 6cfbef8f..9d1bee6b 100644 --- a/Makefile.am +++ b/Makefile.am @@ -407,6 +407,7 @@ dist_man_MANS = man/man1/dbscan.1 \ #------------------------ update_DATA = ldap/admin/src/scripts/exampleupdate.pl \ ldap/admin/src/scripts/exampleupdate.ldif \ + ldap/admin/src/scripts/10cleanupldapi.pl \ ldap/admin/src/scripts/10delautodnsuffix.pl \ ldap/admin/src/scripts/10fixrundir.pl \ ldap/admin/src/scripts/50addchainingsaslpwroles.ldif \ diff --git a/Makefile.in b/Makefile.in index f7c82fbe..4ecd1c5c 100755 --- a/Makefile.in +++ b/Makefile.in @@ -1489,6 +1489,7 @@ dist_man_MANS = man/man1/dbscan.1 \ #------------------------ update_DATA = ldap/admin/src/scripts/exampleupdate.pl \ ldap/admin/src/scripts/exampleupdate.ldif \ + ldap/admin/src/scripts/10cleanupldapi.pl \ ldap/admin/src/scripts/10delautodnsuffix.pl \ ldap/admin/src/scripts/10fixrundir.pl \ ldap/admin/src/scripts/50addchainingsaslpwroles.ldif \ @@ -9685,7 +9686,7 @@ distdir: $(DISTFILES) || exit 1; \ fi; \ done - -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \ + -find $(distdir) -type d ! -perm -755 -exec chmod a+rwx,go+rx {} \; -o \ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ ! -type d ! -perm -444 -exec $(SHELL) $(install_sh) -c -m a+r {} {} \; \ diff --git a/ldap/admin/src/scripts/10cleanupldapi.pl b/ldap/admin/src/scripts/10cleanupldapi.pl new file mode 100644 index 00000000..a09abe67 --- /dev/null +++ b/ldap/admin/src/scripts/10cleanupldapi.pl @@ -0,0 +1,23 @@ +use Mozilla::LDAP::Conn; +use Mozilla::LDAP::Utils qw(normalizeDN); +use Mozilla::LDAP::API qw(:constant ldap_url_parse ldap_explode_dn); + +sub runinst { + my ($inf, $inst, $dseldif, $conn) = @_; + + my @errs; + my $ldapifile; + + # see if nsslapd-rundir is defined + my $ent = $conn->search("cn=config", "base", "(objectclass=*)"); + if (!$ent) { + return ('error_finding_config_entry', 'cn=config', $conn->getErrorString()); + } + + $ldapifile = $ent->getValues('nsslapd-ldapifilepath'); + if ($ldapifile) { + unlink($ldapifile); + } + + return (); +} |