we have found out that the openldap update from 2.4.56-2 to 2.4.58-1 removes the group ldap. We checked the pre/post-scripts in the rpm and they seem to work, so we are not sure where the problem is.
### Make sure group ldap is available
root@aixserver0001 /root# lsgroup ldap
3004-686 Group "ldap" does not exist.
root@aixserver0001 /root# lsgroup ldap > /dev/null 2>&1 || mkgroup id=55 ldap
root@aixserver0001 /root# lsgroup ldap
ldap id=55 admin=false users= registry=files
### Update process removes ldap group
root@aixserver0001 /root# yum update openldap
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package openldap.ppc 0:2.4.56-2 will be updated
---> Package openldap.ppc 0:2.4.58-1 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================================================================================
Package Arch Version Repository Size
===========================================================================================================================================================
Updating:
openldap ppc 2.4.58-1 AIX_YUM_LOCAL_ppc 4.3 M
Transaction Summary
===========================================================================================================================================================
Upgrade 1 Package
Total download size: 4.3 M
Is this ok [y/N]: y
Downloading Packages:
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : openldap-2.4.58-1.ppc 1/2
Cleanup : openldap-2.4.56-2.ppc 2/2
Updated:
openldap.ppc 0:2.4.58-1
Complete!
root@aixserver0001 /root# lsgroup ldap
3004-686 Group "ldap" does not exist.
### Pre/Post-Install scripts of the RPM
root@aixserver0001 /root# rpm -qi --scripts openldap-2.4.58-1.ppc
Name : openldap
Version : 2.4.58
Release : 1
Architecture: ppc
Install Date: Mon Jan 24 13:12:45 MEZ 2022
Group : System Environment/Daemons
Size : 12925899
License : OpenLDAP
Signature : (none)
Source RPM : openldap-2.4.58-1.src.rpm
Build Date : Mon Apr 12 12:25:19 MESZ 2021
Build Host : pokndd5.pok.stglabs.ibm.com
Summary : The configuration files, libraries, and documentation for OpenLDAP
Description :
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools. LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet. The openldap package contains configuration files,
libraries, and documentation for OpenLDAP.
preinstall scriptlet (using /bin/sh):
# add the "ldap" group only if it does not yet exist
result=`/usr/sbin/lsgroup ldap | /usr/bin/awk '{ print $1 }' 2>/dev/null`
if [ "${result}" != "ldap" ] ; then
/usr/bin/mkgroup ldap 2> /dev/null || :
fi
postinstall scriptlet (using /bin/sh):
if [ "$1" == "2" ];then
output=$(/usr/bin/lslpp -l|/usr/bin/grep idsldap)
if [ ! -z "$output" ];then
version=$(/usr/bin/echo "$output"|/usr/bin/head -1|/usr/bin/awk '{print $2}'|/usr/bin/cut -d. -f1,2)
echo ""
echo "Openldap <= 2.4.46-1 overwrites symbolic links created by ibmldap in /usr/bin. From 2.4.46-2 onwards, no files are being shipped in /usr/bin directory."
echo "So updating openldap from any version <= 2.4.46-1 will remove symbolic links created by ibmldap in /usr/bin. One can recreate them using the following command"
echo "/opt/IBM/ldap/V${version}/bin/idslink -g -f"
echo ""
fi
fi
preuninstall scriptlet (using /bin/sh):
if [ "$1" = "0" ] ; then
/sbin/service ldap stop > /dev/null 2>&1 || :
fi
# remove "ldap" group
/usr/sbin/rmgroup ldap || :
### PreInstall-Snippet seems to work
root@aixserver0001 /root# if [ "${result}" != "ldap" ] ; then
> /usr/bin/mkgroup ldap 2> /dev/null || :
> fi
root@aixserver0001 /root# lsgroup ldap
ldap id=242 admin=false users= registry=files