This is the first testing call for OpenLDAP 2.6.4. Depending on the results, this may be the only testing call.
Generally, get the code for RE26:
Extract, configure, and build.
Execute the test suite (via make test) after it is built. Optionally, cd tests && make its to run through the regression suite.
Thanks!
OpenLDAP 2.6.4 Engineering Fixed client tools to remove 'h' and 'p' options (ITS#9917,ITS#8618) Fixed ldapsearch memory leak with controls (ITS#9860) Fixed libldap ldif_open_urlto check for failure (ITS#9904) Fixed libldap ldap_url_parsehosts check for failure (ITS#9904) Fixed lloadd memory leaks (ITS#9907) Fixed lloadd shutdown code to protect memory correctly (ITS#9913) Fixed slapd memory leak with olcAuthIDRewrite (ITS#6035) Fixed slapd free of config item (ITS#9912) Fixed slapd transactions extended operations cleanup after write (ITS#9892) Fixed slapd-mdb max number of index databases to 256 (ITS#9895) Fixed slapd-monitor memory leaks with lloadd (ITS#9906) Fixed slapd-monitor to free remembered cookies (ITS#9339) Fixed slapo-deref memory leak (ITS#9924) Fixed slapo-dynlist to ignore irrelevant objectClasses (ITS#9897) Fixed slapo-remoteauth memory leaks (ITS#9438) Fixed slapo-rwm memory leaks (ITS#9817) Build Environment Fixed build process to not use gmake specific features (ITS#9894) Fixed slapo-otp testdir creation (ITS#9437) Fixed slapd-tester memory leak (ITS#9908) Fixed usage of non-standard C syntax (ITS#9898, ITS#9899, ITS#9901) Fixed usage of bashism (ITS#9900) Documentation Fixed slapo-unique(5) to clarify when quoting should be used (ITS#9915)
Regards, Quanah
On 10/4/22 18:49, Quanah Gibson-Mount wrote:
This is the first testing call for OpenLDAP 2.6.4.
Build and make test seem to work on my local openSUSE Tumbleweed x86_64 with gcc 12.2.1.
I've also temporarily enabled running make test in my openSUSE/SLE package openldap-ms:
https://build.opensuse.org/package/show/home:stroeder:branches:home:stroeder...
Note that the package builds including the tests run on the different hardware platforms (by courtesy of openSUSE build service).
Ciao, Michael.
Hi all,
I am standing up a new OpenLDAP directory to serve as an SSSD authn/authz point for an HPC lab environment. This directory should delegate user/password authentication to a second LDAP directory via SASL. Following the directions from the LTB project https://ltb-project.org/documentation/sasl_delegation.html#pass-through-authentication-on-one-ldap-directory, as well as the standard OpenLDAP documentation https://www.openldap.org/doc/admin26/security.html#SASL%20method, I have set up a SASL daemon which I've confirmed works correctly. A few following questions:
Is there anything one needs to do beyond edit /usr/lib/sasl2/slapd.conf to include "mech_list: plain, pwcheck_method: saslauthd, saslauthd_path: /var/run/sasl2/mux lines configure saslauthd.conf to point to the directory server for delegation (already working) edit the userPassword attribute of the user in question to be {SASL}user@domain? It does not seem to be trying to delegate to SASL according to logs. And if I look in ApacheDirectoryStudio, while it looks like {SASL}user@domain there if I do an ldapsearch on the user it shows me a hash. So I'm not sure it's being stored correctly. There are some attributes missing from the default schema if one wants to use LDAP for UNIX/POSIX information. So I included /usr/local/openldap/etc/openldap/schema/nis.schema in order to add things like uidNumber and gidNumber to the schema, which adds posixAccount as a possible object type. But if I try to add a posixAccount user, or include a user's home directory with the homeDirectory attribute, I get "[LDAP result code 17 - undefinedAttributeType] homeDirectory: attribute type undefined." This seems to imply there's something else I need to do to add these attributes to the schema. I tried looking through the schema documentation https://www.openldap.org/doc/admin26/schema.html but none of it seems to apply to "here is how you add all the things that are missing by default." Because I noticed there were items missing from the inetOrgPerson definition (which was how I originally created my first user), I deleted that user, did the include and tried again. Now I cannot create a new user because of this homeDirectory attribute problem.
Thanks in advance!
--
Jarett T. DeAngelis, MS
Scientific Systems Engineer
Email: jarett@bioteam.net mailto:jarett@bioteam.net M: +1.646.417.2165
bioteam.net https://www.bioteam.net/
Both tests and regression tests are passing on the following host:
$ uname -a Linux yggdrasil 4.15.0-193-generic #204-Ubuntu SMP Fri Aug 26 19:20:21 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux $ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=18.04 DISTRIB_CODENAME=bionic DISTRIB_DESCRIPTION="Ubuntu 18.04.6 LTS"
Em 04/10/2022 13:49, Quanah Gibson-Mount escreveu:
This is the first testing call for OpenLDAP 2.6.4. Depending on the results, this may be the only testing call.
Generally, get the code for RE26:
Extract, configure, and build.
Execute the test suite (via make test) after it is built. Optionally, cd tests && make its to run through the regression suite.
Thanks!
OpenLDAP 2.6.4 Engineering Fixed client tools to remove 'h' and 'p' options (ITS#9917,ITS#8618) Fixed ldapsearch memory leak with controls (ITS#9860) Fixed libldap ldif_open_urlto check for failure (ITS#9904) Fixed libldap ldap_url_parsehosts check for failure (ITS#9904) Fixed lloadd memory leaks (ITS#9907) Fixed lloadd shutdown code to protect memory correctly (ITS#9913) Fixed slapd memory leak with olcAuthIDRewrite (ITS#6035) Fixed slapd free of config item (ITS#9912) Fixed slapd transactions extended operations cleanup after write (ITS#9892) Fixed slapd-mdb max number of index databases to 256 (ITS#9895) Fixed slapd-monitor memory leaks with lloadd (ITS#9906) Fixed slapd-monitor to free remembered cookies (ITS#9339) Fixed slapo-deref memory leak (ITS#9924) Fixed slapo-dynlist to ignore irrelevant objectClasses (ITS#9897) Fixed slapo-remoteauth memory leaks (ITS#9438) Fixed slapo-rwm memory leaks (ITS#9817) Build Environment Fixed build process to not use gmake specific features (ITS#9894) Fixed slapo-otp testdir creation (ITS#9437) Fixed slapd-tester memory leak (ITS#9908) Fixed usage of non-standard C syntax (ITS#9898, ITS#9899, ITS#9901) Fixed usage of bashism (ITS#9900) Documentation Fixed slapo-unique(5) to clarify when quoting should be used (ITS#9915)
Regards, Quanah
openldap-technical@openldap.org
-
Alceu Rodrigues de Freitas Junior -
Jarett DeAngelis -
Michael Ströder -
Quanah Gibson-Mount