From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
---|---|
To: | Thomas Munro <thomas(dot)munro(at)gmail(dot)com> |
Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Add a test to ldapbindpasswd |
Date: | 2023-01-01 19:58:10 |
Message-ID: | 11F66CAB-B1D1-4AA6-B555-1C6446896B42@dunslane.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> On Jan 1, 2023, at 2:03 PM, Thomas Munro <thomas(dot)munro(at)gmail(dot)com> wrote:
>
> On Mon, Jan 2, 2023 at 3:04 AM Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
>>> On 2022-12-19 Mo 11:16, Andrew Dunstan wrote:
>>> There is currently no test for the use of ldapbindpasswd in the
>>> pg_hba.conf file. This patch, mostly the work of John Naylor, remedies that.
>>>
>>>
>>
>> This currently has failures on the cfbot for meson builds on FBSD13 and
>> Debian Bullseye, but it's not at all clear why. In both cases it fails
>> where the ldap server is started.
>
> I think it's failing when using meson. I guess it fails to fail on
> macOS only because you need to add a new path for Homebrew/ARM like
> commit 14d63dd2, so it's skipping (it'd be nice if we didn't need
> another copy of all that logic). Trying locally... it looks like
> slapd is failing silently, and with some tracing I can see it's
> sending an error message to my syslog daemon, which logged:
>
> 2023-01-02T07:50:20.853019+13:00 x1 slapd[153599]: main: TLS init def
> ctx failed: -1
>
> Ah, it looks like this test is relying on "slapd-certs", which doesn't exist:
>
> tmunro(at)x1:~/projects/postgresql/build$ ls testrun/ldap/001_auth/data/
> ldap.conf ldappassword openldap-data portlock slapd-certs slapd.conf
> tmunro(at)x1:~/projects/postgresql/build$ ls testrun/ldap/002_bindpasswd/data/
> portlock slapd.conf
>
> I didn't look closely, but apparently there is something wrong in the
> part that copies certs from the ssl test? Not sure why it works for
> autoconf...
Thanks, I see the problem. Will post a revised patch shortly
Cheers
Andrew
From | Date | Subject | |
---|---|---|---|
Next Message | Tomas Vondra | 2023-01-01 22:36:49 | Re: postgres_fdw: using TABLESAMPLE to collect remote sample |
Previous Message | Thomas Munro | 2023-01-01 19:38:25 | Re: Is RecoveryConflictInterrupt() entirely safe in a signal handler? |