On Wed, 23 Sep 2009, Tim Judd wrote: > > On a related note, why is slapd so damn fragile? It's a righteous > > pain in the bum the way you have to run db_recover-X.Y > > /var/db/openldap-data if slapd fails to start. > > I run OpenLDAP on a few boxes. I don't recall the power failures or > rude shutdowns to ever give me problems... Course, I don't have > anything hi-traffic, so I would definately have time for softupdates > to flush to disk before a crash is inevitable.
This isn't high traffic, it's basically read only. > I've marked this thread, it's been useful already with the > '[unavail=continue notfound=continue]' pieces after the ldap > dictionary in nsswitch.conf man nsswitch.conf :) > Now I have another command, db_recover You can benefit from my torn out hair from when I went looking for it :) > > disabled (which is recommended for performance!) it won't say > > _anything_. > > To have OpenLDAP logging, you have to insert local4.* statements in > syslog.conf, touch the given file, and restart syslog. Any logging > that OpenLDAP would need to send, is then recorded in syslog. > > Why they picked 4, of 1 through 7, I'm not sure. Thanks, I've enabled it, normally I just fish through all.log :) -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
Description: This is a digitally signed message part.