On Mon, Jan 2, 2023 at 3:04 AM Andrew Dunstan <andrew@dunslane.net> wrote:
> On 2022-12-19 Mo 11:16, Andrew Dunstan wrote:
> > There is currently no test for the use of ldapbindpasswd in the
> > pg_hba.conf file. This patch, mostly the work of John Naylor, remedies that.
> >
> >
>
> This currently has failures on the cfbot for meson builds on FBSD13 and
> Debian Bullseye, but it's not at all clear why. In both cases it fails
> where the ldap server is started.
I think it's failing when using meson. I guess it fails to fail on
macOS only because you need to add a new path for Homebrew/ARM like
commit 14d63dd2, so it's skipping (it'd be nice if we didn't need
another copy of all that logic). Trying locally... it looks like
slapd is failing silently, and with some tracing I can see it's
sending an error message to my syslog daemon, which logged:
2023-01-02T07:50:20.853019+13:00 x1 slapd[153599]: main: TLS init def
ctx failed: -1
Ah, it looks like this test is relying on "slapd-certs", which doesn't exist:
tmunro@x1:~/projects/postgresql/build$ ls testrun/ldap/001_auth/data/
ldap.conf ldappassword openldap-data portlock slapd-certs slapd.conf
tmunro@x1:~/projects/postgresql/build$ ls testrun/ldap/002_bindpasswd/data/
portlock slapd.conf
I didn't look closely, but apparently there is something wrong in the
part that copies certs from the ssl test? Not sure why it works for
autoconf...
