> On Jan 1, 2023, at 2:03 PM, Thomas Munro <thomas.munro@gmail.com> wrote:
>
> On Mon, Jan 2, 2023 at 3:04 AM Andrew Dunstan <andrew@dunslane.net> wrote:
>>> On 2022-12-19 Mo 11:16, Andrew Dunstan wrote:
>>> There is currently no test for the use of ldapbindpasswd in the
>>> pg_hba.conf file. This patch, mostly the work of John Naylor, remedies that.
>>>
>>>
>>
>> This currently has failures on the cfbot for meson builds on FBSD13 and
>> Debian Bullseye, but it's not at all clear why. In both cases it fails
>> where the ldap server is started.
>
> I think it's failing when using meson. I guess it fails to fail on
> macOS only because you need to add a new path for Homebrew/ARM like
> commit 14d63dd2, so it's skipping (it'd be nice if we didn't need
> another copy of all that logic). Trying locally... it looks like
> slapd is failing silently, and with some tracing I can see it's
> sending an error message to my syslog daemon, which logged:
>
> 2023-01-02T07:50:20.853019+13:00 x1 slapd[153599]: main: TLS init def
> ctx failed: -1
>
> Ah, it looks like this test is relying on "slapd-certs", which doesn't exist:
>
> tmunro@x1:~/projects/postgresql/build$ ls testrun/ldap/001_auth/data/
> ldap.conf ldappassword openldap-data portlock slapd-certs slapd.conf
> tmunro@x1:~/projects/postgresql/build$ ls testrun/ldap/002_bindpasswd/data/
> portlock slapd.conf
>
> I didn't look closely, but apparently there is something wrong in the
> part that copies certs from the ssl test? Not sure why it works for
> autoconf...
Thanks, I see the problem. Will post a revised patch shortly
Cheers
Andrew
