When trying to delete a single olcAccess attribute from cn=config the openldap server crashes. The client library (php) returns error code -1 (cant contact LDAP Server) and the openldap server crashes.
The delete operation is:
dn: olcDatabase={2}bdb,cn=config changetype: modify delete: olcAccess olcAccess: 2
This behavior is not consistent. Sometimes the server crashes while sometimes it will report back :
modifying entry "olcDatabase={2}bdb,cn=config" ldap_modify: No such attribute (16)
It might continue to say Error 19 for a while (3-4 times) and on the 5th time the operation completes successfully. However, the dn at this time seems to contain NO entries. After this slapd crashes. Restarting will show that the operation was never ACTUALLY completed. The segfault trace is:
ber_dump: buf=0x82c1ef0 ptr=0x82c1ef3 end=0x82c1f2c len=57 0000: 66 37 04 1c 6f 6c 63 64 61 74 61 62 61 73 65 3d f7..olcdatabase= 0010: 7b 32 7d 62 64 62 2c 63 6e 3d 63 6f 6e 66 69 67 {2}bdb,cn=config 0020: 30 17 30 15 0a 01 01 30 10 04 09 6f 6c 63 61 63 0.0....0...olcac 0030: 63 65 73 73 31 03 04 01 32 cess1...2 conn=0 op=3 do_modify: dn (olcdatabase={2}bdb,cn=config) ber_scanf fmt ({e{m[W]}}) ber: ber_dump: buf=0x82c1ef0 ptr=0x82c1f15 end=0x82c1f2c len=23 0000: 30 15 0a 01 01 30 10 04 09 6f 6c 63 61 63 63 65 0....0...olcacce 0010: 73 73 31 03 04 01 32 ss1...2
dnPrettyNormal: <olcdatabase={2}bdb,cn=config>
=> ldap_bv2dn(olcdatabase={2}bdb,cn=config,0) <= ldap_bv2dn(olcdatabase={2}bdb,cn=config)=0 => ldap_dn2bv(272) <= ldap_dn2bv(olcDatabase={2}bdb,cn=config)=0 => ldap_dn2bv(272) <= ldap_dn2bv(olcDatabase={2}bdb,cn=config)=0 <<< dnPrettyNormal: <olcDatabase={2}bdb,cn=config>, <olcDatabase={2}bdb,cn=config> conn=0 op=3 modifications: delete: olcaccess one value, length 1 conn=0 op=3 MOD dn="olcDatabase={2}bdb,cn=config" conn=0 op=3 MOD attr=olcaccess <= acl_access_allowed: granted to database root Segmentation fault