I ran the slapd botw ways suggested by the error.
Here are the logs:
First (shorter one):
Jul 30 05:40:04 ldap1 slapd[12723]: @(#) $OpenLDAP: slapd 2.3.30 (Dec 12
2006 22:14:39) $
[EMAIL PROTECTED]:/tmp/buildd/openldap2.3-2.3.30/debian/build/servers/slapd
Jul 30 05:40:06 ldap1 slapd[12723]: main: TLS init def ctx failed: -1
Jul 30 05:40:06 ldap1 slapd[12723]: slapd stopped.
Jul 30 05:40:06 ldap1 slapd[12723]: connections_destroy: nothing to
destroy.
Second (longer one):
Jul 30 05:38:00 ldap1 slapd[12700]: @(#) $OpenLDAP: slapd 2.3.30 (Dec 12
2006 22:14:39) $
[EMAIL PROTECTED]:/tmp/buildd/openldap2.3-2.3.30/debian/build/servers/slapd
Jul 30 05:38:00 ldap1 slapd[12700]: slapd starting
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 fd=11 ACCEPT from
IP=10.2.2.2:39150 (IP=0.0.0.0:389)
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=0 STARTTLS
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=0 RESULT oid= err=0 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 fd=11 TLS established
tls_ssf=128 ssf=128
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=1 BIND
dn="cn=manager,dc=misbb,dc=sk" method=128
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=1 BIND
dn="cn=Manager,dc=misbb,dc=sk" mech=SIMPLE ssf=0
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=1 RESULT tag=97 err=0 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=2 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=2 SRCH attr=uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
description objectClass
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=2 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=3 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=3 SRCH attr=uid
userPassword shadowLastChange shadowMax shadowMin shadowWarning
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=3 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=4 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=4 SRCH attr=uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
description objectClass
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=4 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=5 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=5 SRCH attr=uid
userPassword shadowLastChange shadowMax shadowMin shadowWarning
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=5 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=6 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=6 SRCH attr=uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
description objectClass
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=6 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=7 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=7 SRCH attr=uid
userPassword shadowLastChange shadowMax shadowMin shadowWarning
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=7 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=8 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=8 SRCH attr=uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
description objectClass
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=8 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=9 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=9 SRCH attr=uid
userPassword shadowLastChange shadowMax shadowMin shadowWarning
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=9 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 fd=14 ACCEPT from
IP=10.2.2.2:39152 (IP=0.0.0.0:389)
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=0 STARTTLS
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=0 RESULT oid= err=0 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 fd=14 TLS established
tls_ssf=128 ssf=128
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=1 BIND
dn="cn=manager,dc=misbb,dc=sk" method=128
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=1 BIND
dn="cn=Manager,dc=misbb,dc=sk" mech=SIMPLE ssf=0
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=1 RESULT tag=97 err=0 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=2 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=2 SRCH attr=uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
description objectClass
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=2 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=3 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=3 SRCH attr=uid
userPassword shadowLastChange shadowMax shadowMin shadowWarning
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=3 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=4 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=4 SRCH attr=uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
description objectClass
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=4 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=5 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=5 SRCH attr=uid
userPassword shadowLastChange shadowMax shadowMin shadowWarning
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=5 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=6 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=6 SRCH attr=uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
description objectClass
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=6 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=7 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=7 SRCH attr=uid
userPassword shadowLastChange shadowMax shadowMin shadowWarning
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=7 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=8 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=8 SRCH attr=uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
description objectClass
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=8 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=9 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=9 SRCH attr=uid
userPassword shadowLastChange shadowMax shadowMin shadowWarning
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=9 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 fd=15 ACCEPT from
IP=10.2.2.2:39153 (IP=0.0.0.0:389)
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=0 STARTTLS
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=0 RESULT oid= err=0 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 fd=15 TLS established
tls_ssf=128 ssf=128
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=1 BIND
dn="cn=manager,dc=misbb,dc=sk" method=128
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=1 BIND
dn="cn=Manager,dc=misbb,dc=sk" mech=SIMPLE ssf=0
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=1 RESULT tag=97 err=0 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=2 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=2 SRCH attr=uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
description objectClass
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=2 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=3 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=3 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=4 SRCH
base="ou=Group,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixGroup)(|(memberUid=lorencova)(uniqueMember=uid=lorencova,ou=people,dc=misbb,dc=sk)))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=4 SRCH attr=gidNumber
Jul 30 05:38:05 ldap1 slapd[12700]: <= bdb_equality_candidates:
(memberUid) index_param failed (18)
Jul 30 05:38:05 ldap1 slapd[12700]: <= bdb_equality_candidates:
(uniqueMember) index_param failed (18)
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=4 SEARCH RESULT tag=101
err=0 nentries=2 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=5 SRCH
base="ou=Group,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixGroup)(uniqueMember=cn=domainusers,ou=group,dc=misbb,dc=sk))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=5 SRCH attr=gidNumber
Jul 30 05:38:05 ldap1 slapd[12700]: <= bdb_equality_candidates:
(uniqueMember) index_param failed (18)
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=5 SEARCH RESULT tag=101
err=0 nentries=0 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 fd=15 closed (connection lost)
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 fd=15 ACCEPT from
IP=127.0.0.1:48682 (IP=0.0.0.0:389)
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 op=0 BIND
dn="cn=manager,dc=misbb,dc=sk" method=128
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 op=0 BIND
dn="cn=Manager,dc=misbb,dc=sk" mech=SIMPLE ssf=0
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 op=0 RESULT tag=97 err=0 text=
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 op=1 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 filter="(uid=root)"
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 op=1 SEARCH RESULT tag=101
err=0 nentries=0 text=
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 fd=16 ACCEPT from
IP=127.0.0.1:48683 (IP=0.0.0.0:389)
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=0 BIND
dn="cn=manager,dc=misbb,dc=sk" method=128
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=0 BIND
dn="cn=Manager,dc=misbb,dc=sk" mech=SIMPLE ssf=0
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=0 RESULT tag=97 err=0 text=
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=1 SRCH
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=root))"
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=1 SEARCH RESULT tag=101
err=0 nentries=0 text=
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=2 SRCH
base="ou=Group,dc=misbb,dc=sk" scope=1 deref=0
filter="(&(objectClass=posixGroup)(memberUid=root))"
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=2 SRCH attr=gidNumber
Jul 30 05:38:22 ldap1 slapd[12700]: <= bdb_equality_candidates:
(memberUid) index_param failed (18)
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=2 SEARCH RESULT tag=101
err=0 nentries=0 text=
Jul 30 05:38:35 ldap1 slapd[12700]: daemon: shutdown requested and
initiated.
Jul 30 05:38:35 ldap1 slapd[12700]: conn=0 fd=11 closed (slapd shutdown)
Jul 30 05:38:35 ldap1 slapd[12700]: conn=1 fd=14 closed (slapd shutdown)
Jul 30 05:38:35 ldap1 slapd[12700]: conn=3 fd=15 closed (slapd shutdown)
Jul 30 05:38:35 ldap1 slapd[12700]: conn=4 fd=16 closed (slapd shutdown)
Jul 30 05:38:35 ldap1 slapd[12700]: slapd shutdown: waiting for 0
threads to terminate
Jul 30 05:38:35 ldap1 slapd[12700]: slapd stopped.
From the first log seems like TLS error somehow.
I'll examine the certificate file permissions and let You know.
Peter
Quanah Gibson-Mount wrote / napísal(a):
--On Tuesday, June 26, 2007 11:27 PM -0700 Russ Allbery <[EMAIL PROTECTED]>
wrote:
retitle 416272 slapd: error "main: TLS init def ctx failed: -1" on start
tags 416272 -unreproducible
thanks
Mgr Peter Tuharsky <[EMAIL PROTECTED]> writes:
Hi,
I tested the script again with NO success.
slapd version: 2.3.30-2
I set the ownership of /var/lib/ldap files to openldap.openldap, start
(as root) using
cd /etc/init.d
./slapd start
however the distributional script just displays error and dosen't start
the slapd at all:
Starting OpenLDAP: slapd - failed.
The operation failed but no output was produced. For hints on what went
wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
try running the daemon in Debug mode like via "slapd -d 16383" (warning:
this will create copious output).
Sounds like the init script is working just fine; your server either
has a
configuration problem or something else is preventing TLS initialization
from succeeding.
The error here indicates user error in configuring TLS in slapd.conf,
and is not indicative of an error in the script. Generally, check that
all paths to the certs referenced are correct, and that the slapd user
has permissions to read them.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
--
Odchádzajúca správa neobsahuje vírusy, nepoužívam Windows.
=======================
Mgr. Peter Tuhársky
Referát informatiky
Mesto Banská Bystrica
ČSA 26
975 39 Banská Bystrica
Tel: +421 48 4330 118
Fax: +421 48 411 3575
=======================