[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Upgrade from 2.4.40 to 2.4.44
- To: Quanah Gibson-Mount <quanah@symas.com>
- Subject: Re: Upgrade from 2.4.40 to 2.4.44
- From: Ondřej Kuzník <ondra@mistotebe.net>
- Date: Fri, 15 Sep 2017 17:54:15 +0200
- Cc: Ryan Tandy <ryan@nardis.ca>, rammohan ganapavarapu <rammohanganap@gmail.com>, openldap-technical@openldap.org
- Content-disposition: inline
- In-reply-to: <0F9492D9245B8DFC7FFD2490@[192.168.1.30]>
- References: <CALm_VjhbmFFmP4qAsT8_yoPvsnWveAPT6O_2j1aibx6zumN+Ag@mail.gmail.com> <WM!2b27804d1962c89ca60ba6b779a9a7b5e4e4ec48313350811fd70226bb045af70095c25acfcf2c6f7407bb706df0f16c!@mailstronghold-3.zmailcloud.com> <4AA27E7AC368477495247EAC@192.168.1.30> <CALm_VjhPWWj8VvAEf1RVW9vt0mMKTZgFZrYOWHY4BU648eYyWA@mail.gmail.com> <CALm_VjjREd+vrnyPzff=CZhLj5Km2db6h0Um1gZikxPKS89uBQ@mail.gmail.com> <WM!e61ec67741ca68ce40722018577bfda7ccba7be6dc42eecc6968ff0f8f2e6b509bda7166b26b0e5ada4446e2073ae18b!@mailstronghold-1.zmailcloud.com> <F324AE13FC863D02F5CF8D73@[192.168.1.30]> <20170915151811.fsmgrmz4kvbha4so@comet.nardis.ca> <WM!1c6b0261b7b43298cd59ea014c5f6f9e70e59ae579f67377e92fd85a265e103512de1c4018c392b114e1fddffad5f905!@mailstronghold-2.zmailcloud.com> <0F9492D9245B8DFC7FFD2490@[192.168.1.30]>
- User-agent: Mutt/1.5.23 (2014-03-12)
On Fri, Sep 15, 2017 at 08:28:25AM -0700, Quanah Gibson-Mount wrote:
> --On Friday, September 15, 2017 9:18 AM -0700 Ryan Tandy <ryan@nardis.ca>
> wrote:
>
>> IIRC slapcat doesn't work in this case, because it fails to initialize
>> the ppolicy module.
>>
>> The linked CentOS and RHEL bugs recommend downgrading slapd to the
>> previously working version and using ldapmodify.
>
> Yeah, that's ugly :/ Another reason we really need to get slapmodify out,
> and some way to execute it with an option to not load modules or similar.
I guess I should document how you can do that with slapmodify already.
The easiest way, so for simplicity of explanation let's use slapd.conf,
cn=config can still be used:
- put your broken cn=config into another directory (cn=recovery),
symlinking might work
- set up a slapd.conf:
database ldif
directory <dir>
suffix cn=recovery
- start slapmodify with above config and no schema checking, make your
changes to ...,cn=config,cn=recovery
- move your config back where you need it
That's it, no modules loaded and no cn=config checking for this either,
for better or worse.
--
Ondřej Kuzník
Senior Software Engineer
Symas Corporation http://www.symas.com
Packaged, certified, and supported LDAP solutions powered by OpenLDAP