Openldap update problem

Lloyd H. Meinholz lloyd.meinholz at bmpcoe.org
Thu Sep 2 18:41:55 UTC 2004 

Installing updates automatically seems like bad practice to me. Do you
have so many machines that reviewing the updates before installing them
is impractical? Just my opinion...

Lloyd


On Thu, 2004-09-02 at 14:14, Ryan Golhar wrote:
> This morning, I came in to work and was told no one could log on to any
> of the linux machines.  After some digging, I checked the LDAP directory
> and found out it was totally empty -- it was overwritten.
> 
> I was able to recreate it based on /etc/passwd and /etc/shadow, but then
> proceeded to find out why.  I found out that last night, new ldap rpms
> were installed by up2date:
> 
> [Thu Sep  2 00:32:14 2004] up2date installing packages:
> ['nss_ldap-207-11', 'openldap-2.0.27-15', 'openldap-clients-2.0.27-15',
> 'openldap-servers-2.0.27-15']
> [Thu Sep  2 00:32:27 2004] up2date Removing packages from package
> profile: ['nss_ldap-207-10', 'openldap-2.0.27-11',
> 'openldap-clients-2.0.27-11', 'openldap-servers-2.0.27-11']
> [Thu Sep  2 00:32:28 2004] up2date Adding packages to package profile:
> ['nss_ldap-207-11', 'openldap-2.0.27-15', 'openldap-clients-2.0.27-15',
> 'openldap-servers-2.0.27-15']
> [Thu Sep  2 00:32:29 2004] up2date deleting
> /var/spool/up2date/nss_ldap-207-11.i386.rpm
> [Thu Sep  2 00:32:29 2004] up2date deleting
> /var/spool/up2date/nss_ldap-207-11.i386.hdr
> [Thu Sep  2 00:32:29 2004] up2date deleting
> /var/spool/up2date/openldap-2.0.27-15.i386.rpm
> [Thu Sep  2 00:32:29 2004] up2date deleting
> /var/spool/up2date/openldap-2.0.27-15.i386.hdr
> [Thu Sep  2 00:32:29 2004] up2date deleting
> /var/spool/up2date/openldap-clients-2.0.27-15.i386.hdr
> [Thu Sep  2 00:32:29 2004] up2date deleting
> /var/spool/up2date/openldap-clients-2.0.27-15.i386.rpm
> [Thu Sep  2 00:32:29 2004] up2date deleting
> /var/spool/up2date/openldap-servers-2.0.27-15.i386.hdr
> [Thu Sep  2 00:32:29 2004] up2date deleting
> /var/spool/up2date/openldap-servers-2.0.27-15.i386.rpm
> 
> 
> I've now marked ldap to be skipped in updates, but am curious if this is
> normal behaviour. 
> 
> Thank god I keep everything in /etc/passwd and /etc/shadow just in case.
> 
> -----
> Ryan Golhar
> Computational Biologist
> The Informatics Institute at
> The University of Medicine & Dentistry of NJ
> 
> Phone: 973-972-5034
> Fax: 973-972-7412
> Email: golharam at umdnj.edu
>

More information about the redhat-list mailing list