On 13-09-27 12:35 PM, Gary Slopsema wrote:
I'm having an issue running slapd with a custom config "slapd.conf" that's not located at /etc/ldap/slapd.conf.
I guess AppArmor is blocking you. If I'm right, dmesg(1) will show some audit messages that confirm it. Look at /etc/apparmor.d/usr.sbin.slapd for the rules it follows.
The correct fix is to create a local addition to the AppArmor profile (check the documentation) that adds the paths your slapd should be allowed to access.
You could work around AppArmor, either by copying or hard-linking /usr/sbin/slapd somewhere else and running it from there, or by disabling the profile using aa-complain(8). Don't do either of those on a system that handles untrusted data, of course.
If you run your own openldap build (as many people on this list will recommend), it won't use AppArmor and you won't have this problem.
Hope that helps!