ltb-project / openldap-deb

Debian packages for OpenLDAP
http://ltb-project.org/wiki/documentation/openldap-deb
GNU General Public License v3.0

2.4.51 package for jessie still set root:root owner recursively #52

Closed sophieqc closed 3 years ago

sophieqc commented 3 years ago

Hello,

When upgrading an OpenLDAP 2.4.49 to 2.4.51 on Ubuntu 16.04 this morning, I've seen this problem again: #16

In this case we store accesslogs in /usr/local/openldap/var/openldap-accesslog/

# ls -lha /usr/local/openldap/var/
total 20K
drwxr-xr-x  5 root root 4.0K Jan 25  2019 .
drwxr-xr-x 10 root root 4.0K Nov 28  2017 ..
drwxr-xr-x  2 ldap ldap 4.0K Nov 10 10:35 openldap-accesslog
drwxr-xr-x  2 ldap ldap 4.0K Nov 10 10:35 openldap-data
drwxr-xr-x  2 ldap ldap 4.0K Nov 10 10:35 run

Upgrading the package runs:

chown -R root:root ${LDAPSERVERDIR}/var

Which results in the accesslog folder being set to root:root, and then slapd is unable to restart:

Errors were encountered while processing:
 openldap-ltb
 openldap-ltb-contrib-overlays
 openldap-ltb-mdb-utils
E: Sub-process /usr/bin/dpkg returned an error code (1)
root@ldap:~# ls -lha /usr/local/openldap/var/openldap-accesslog/
total 168K
drwxr-xr-x 2 root root 4.0K Nov 10 10:38 .
drwxr-xr-x 5 root root 4.0K Jan 25  2019 ..
-rw------- 1 root root 156K Oct 26 09:01 data.mdb
-rw------- 1 root root 8.0K Nov 10 10:31 lock.mdb

Thanks

coudot commented 3 years ago

Indeed, I think we should not run chown at all on ${LDAPSERVERDIR}/var. What do you think, @davidcoutadeur?

davidcoutadeur commented 3 years ago

Yes indeed, we should be more specific for the files/dirs owned by root.

davidcoutadeur commented 3 years ago

Fixed with last commit a17f587
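
An ownership check that could be run after an upgrade like the one reported in this issue, as an added example that is not part of the thread and not the project's packaging code. It assumes the three directory names from the listing above and an `ldap:ldap` service account; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not the project's postinst. Directory names are taken from
# the listing in the issue; function names are hypothetical.
SLAPD_DIRS="openldap-accesslog openldap-data run"

# Print every path below the slapd-writable directories of VAR_DIR that is
# not owned by OWNER (an existing user name or a numeric uid).
# Directories that do not exist are skipped.
wrong_owner_paths() {
    var_dir=$1
    owner=$2
    for sub in $SLAPD_DIRS; do
        [ -d "$var_dir/$sub" ] || continue
        find "$var_dir/$sub" ! -user "$owner" -print
    done
}

# Return 0 when ownership is intact, 1 when at least one path has drifted
# (for example data.mdb flipped to root, which stops slapd from restarting).
check_slapd_ownership() {
    bad=$(wrong_owner_paths "$1" "$2")
    [ -z "$bad" ] && return 0
    printf 'ownership drift under %s:\n%s\n' "$1" "$bad" >&2
    return 1
}

# Print (do not run) chown commands scoped to the slapd-writable directories,
# leaving VAR_DIR itself untouched. OWNER_GROUP defaults to ldap:ldap (assumed).
scoped_chown_commands() {
    var_dir=$1
    owner_group=${2:-ldap:ldap}
    for sub in $SLAPD_DIRS; do
        [ -d "$var_dir/$sub" ] && printf 'chown -R %s %s\n' "$owner_group" "$var_dir/$sub"
    done
    return 0
}

# Usage after an upgrade:
#   check_slapd_ownership /usr/local/openldap/var ldap \
#       || scoped_chown_commands /usr/local/openldap/var
```

Running the check before slapd is restarted turns the failure seen in the dpkg output into a list of the affected paths.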