(ITS#6526) slapd does not start: slapo-rwm + rewriteContext searchfilter + rewriteRule + cn=config
Full_Name: Daniel Pluta Version: HEAD OS: URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (2001:470:9feb:ff02:749a:cf80:5be3:e252)
Using the following rwm configuration:
overlay rwm rwm-rewriteEngine on
rwm-rewriteContext searchFilter rwm-rewriteRule "(.*)" "(&(ou=openldap)$1)" ":@I"
1.) works fine after starting slapd with: slapd -f slapd.conf 2.) converts fine (at least no error messages): slaptest -f slapd.conf -F slapd.d 3.) but slapd's startup aborts when using: slapd -F slapd.d
fyi here's slapd's output when started "slapd -F slapd.d -d -1" (rwm-related output):
ldif_read_file: read entry file: "/tmp/openldap/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb/olcOverlay={1}rwm.ldif" => str2entry: "dn: olcOverlay={1}rwm objectClass: olcOverlayConfig objectClass: olcRwmConfig olcOverlay: {1}rwm olcRwmRewrite: {0}rwm-rewriteEngine "on" olcRwmRewrite: {1}rwm-rewriteContext "searchFilter" olcRwmRewrite: {2}rwm-rewriteRule "(.*)" "(&(ou=openldap)$1)" ":@I" olcRwmTFSupport: false olcRwmNormalizeMapped: FALSE structuralObjectClass: olcRwmConfig entryUUID: 2dbc3768-de64-102e-990e-a3438cd19586 creatorsName: cn=config createTimestamp: 20100417115744Z entryCSN: 20100417115744.885645Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20100417115744Z "
dnPrettyNormal: <olcOverlay={1}rwm>
=> ldap_bv2dn(olcOverlay={1}rwm,0) <= ldap_bv2dn(olcOverlay={1}rwm)=0 => ldap_dn2bv(272) <= ldap_dn2bv(olcOverlay={1}rwm)=0 => ldap_dn2bv(272) <= ldap_dn2bv(olcOverlay={1}rwm)=0 <<< dnPrettyNormal: <olcOverlay={1}rwm>, <olcOverlay={1}rwm>
dnNormalize: <cn=config>
=> ldap_bv2dn(cn=config,0) <= ldap_bv2dn(cn=config)=0 => ldap_dn2bv(272) <= ldap_dn2bv(cn=config)=0 <<< dnNormalize: <cn=config>
dnNormalize: <cn=config>
=> ldap_bv2dn(cn=config,0) <= ldap_bv2dn(cn=config)=0 => ldap_dn2bv(272) <= ldap_dn2bv(cn=config)=0 <<< dnNormalize: <cn=config> <= str2entry(olcOverlay={1}rwm) -> 0x9581ef4 => test_filter PRESENT => access_allowed: search access to "olcOverlay={1}rwm,olcDatabase={2}hdb,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 line 0 (rwm-rewriteEngine "on") line 0 (rwm-rewriteEngine "on") line 0 (rwm-rewriteContext "searchFilter"
==> here the shell is back :-/
BTW: after commenting out 'rwm-rewriteRule "(.*)" "(&(ou=openldap)$1)" ":@I"' slapd starts just fine. Adding this rule vi cn=config works, but searchfilter-rewriting does not work. Removeing the rule via cn=config results in assertion error rwm.c's function "rwm_cf_gen" in line 2158.
-
daniel@pluta.biz