Installing 389-ds-base doesn't appear to result in a working LDAP server

  • Open
  • quality assurance status badge
Details
2 participants
  • Brant Gardner
  • Ricardo Wurmus
Owner
unassigned
Submitted by
Brant Gardner
Severity
normal

Debbugs page

Brant Gardner wrote 6 years ago
Installing 389-ds-base doesn't appear to result in a working L DAP server
(address . bug-guix@gnu.org)
4edfc48b-4e18-43f4-9720-ea58370d0bf4@www.fastmail.com
I used the quickstart documentation for all my testing, located here: https://directory.fedoraproject.org/docs/389ds/howto/quickstart.html

Initially I ran into trouble because the 'dirsrv' user and group are apparently expected to already exist, so I added this to my config.scm and ran guix system reconfigure:

(groups (cons*
;; To support 389-ds-base
(user-group (name "dirsrv"))
%base-groups))

(users (cons*
...snip...
;; To support 389-ds-base
(user-account
(name "dirsrv")
(comment "LDAP Server User")
(group "users")
(supplementary-groups '("netdev" "dirsrv"))
(home-directory "/home/dirsrv"))
%base-user-accounts))

After this, I generated a template config file with:

# dscreate create-template > gardner.inf

Then I read through the resulting template file and modified only these values:
- password
- server FQDN
- instance name (gardner)
- selinux (False)
- suffix (dc=gardner,dc=local)

Finally I tried to create the new instance with:

# dscreate from-file /root/gardner.inf

This said "Starting installation...", then paused for about 60 seconds and then said:

Error: Failed to start DS, removing incomplete installation...
Error:

Note that even though it claims to, it did not actually remove the incomplete installation, as trying the same command again results in:

Starting installation...
Error: Another instance named 'gardner' may already exist

Checking the logs, I found only this line in /var/log/debug that seems related:

Jul 10 12:49:09 localhost ns-slapd: looking for plugins in '/usr/lib/x86_64-linux-gnu', failed to open directory, error: No such file or directory

Thanks for any suggestions,

--
Brant Gardner
Attachment: file
Ricardo Wurmus wrote 6 years ago
Re: bug#36581: Installing 389-ds-base doesn't appear to result in a working LDAP server
(name . Brant Gardner)(address . brantcgardner@brantware.com)(address . 36581@debbugs.gnu.org)
875zo9j5ya.fsf@elephly.net
Hi Brant,

that’s right. Installing just 389-ds-base isn’t going to be enough and
the scripts it comes with are less than helpful.

In the Guix System overarching configuration (involving configuration
files, creation of groups and user accounts, starting of daemons, etc)
is done via system services.

I was just about to recommend a certain service … but then realized that
I never actually finished it and the (gnu services ldap) module is only
provided by a file in my personal copy of the Guix repository!

I’ll make finishing this a priority once I’m back from vacation this
weekend.

--
Ricardo
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 36581@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 36581
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch
You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags
mumi command -t +confirmed -t +easy
Or, remove the moreinfo tag and set the help tag
mumi command -t -moreinfo -t +help