i just emerged openldap, configured it, started it through "/etc/init.d/slapd start", tried to add an ldif-file, but it always failed with "ldap_add: Operations error". after some searching on the config/client-side i stopped slapd and started it with strace by hand, and it threw some "permission denied"-errors. i changed /var/lib/openldap-* to ldap:ldap and everything worked. (/etc/init.d/slapd starts the slapd with "-u(ser) ldap" and "-g(roup) ldap") drwx------ 2 ldap ldap 4096 Jul 13 02:13 /var/lib/openldap-data drwx------ 2 ldap ldap 4096 Jul 13 21:30 /var/lib/openldap-ldbm drwx------ 3 ldap ldap 4096 Jul 13 21:40 /var/lib/openldap-slurp Reproducible: Always Steps to Reproduce: 1.emerge openldap 2. 3. Actual Results: it didn't work (ldapadd threw errors) Expected Results: it should've worked ;-)
Added a line to pkg_postinst which will take care of this permission problem related to upgrading from builds which ran slapd as root.
One special note with this. If you populate your database with slapadd initially, you MUST change the owner and group on the /var/lib/openldap-{data,ldbm} files yourself! slapadd creates them as chmod 600, chown root.root.
^^ einfo would be helpful
hmm i wasn't upgrading, i emerged it for the first time, and didn't populate it by hand, i just ran ldapadd with an ldif-file, but the permissions where root.root...