lejeczek via FreeIPA-users wrote: > Hi guys. > > I've a replica in container which deploys & works seemingly a okey, > container reboot is not detrimental to IPA yet host reboot seems to > break LDAP down. > Both container and host, are up to date Centos 9, it's a rootful container. > So far - a several times - it reproduces each time - I can remove > "broken" container, re-create anew, it works, then host reboots and ... > a bummer. > Anybody seen this or similar issues? Log snippets: > > -> $ ipactl restart > Starting Directory Service > Failed to start Directory Service: CalledProcessError(Command > ['/bin/systemctl', 'start', '[email protected]'] returned > non-zero exit status 1) > > Starting 389 Directory Server MINE-PRIV.... > [email protected]: ProtectHostname=yes is configured, but UTS > namespace setup is prohibited (container manager?), ignoring namespace > setup. > [email protected]: ProtectHostname=yes is configured, but UTS > namespace setup is prohibited (container manager?), ignoring namespace > setup. > [email protected]: ProtectHostname=yes is configured, but UTS > namespace setup is prohibited (container manager?), ignoring namespace > setup. > [25/May/2023:20:38:08.747319489 +0000] - CRIT - Security Initialization > - warn_if_no_cert_file - Certificate DB file cert8.db nor cert9.db > exists in [/etc/dirsrv/slapd-MINE-PRIV] - SSL initialization will likely > fail > [25/May/2023:20:38:08.752730373 +0000] - CRIT - Security Initialization > - warn_if_no_key_file - Key DB file key3.db nor key4.db exists in > [/etc/dirsrv/slapd-MINE-PRIV] - SSL initialization will likely fail > [25/May/2023:20:38:08.768566520 +0000] - ERR - Security Initialization - > SSL failure: NSS initialization failed (Netscape Portable Runtime error > -8174 - security library: bad database.): certdir: > /etc/dirsrv/slapd-MINE-PRIV > [25/May/2023:20:38:08.770531395 +0000] - ERR - force_to_disable_security > - ERROR: NSS Initialization Failed. Disabling NSS. > [25/May/2023:20:38:08.772440575 +0000] - ERR - set_workingdir - detach: > failed to chdir to /var/log/dirsrv/slapd-MINE-PRIV > [25/May/2023:20:38:08.774326540 +0000] - ERR - set_workingdir - detach: > set workingdir failed with "Working directory "/" is not writeable." > [25/May/2023:20:38:08.776402306 +0000] - INFO - main - > 389-Directory/2.2.4 B2022.347.0000 starting up > [25/May/2023:20:38:08.778279795 +0000] - INFO - main - Setting the > maximum file descriptor limit to: 1024 > [25/May/2023:20:38:08.780257034 +0000] - ERR - fedse_create_startOK - > Cannot copy DSE file "/etc/dirsrv/slapd-MINE-PRIV/dse.ldif" to > "/etc/dirsrv/slapd-MINE-PRIV/dse.ldif.startOK" OS error 13 (Permission > denied) > [25/May/2023:20:38:08.782222230 +0000] - ERR - dse_write_file_nolock - > Cannot open temporary DSE file > "/etc/dirsrv/slapd-MINE-PRIV/dse.ldif.tmp" for update: OS error 13 > (Permission denied) > [25/May/2023:20:38:08.787607325 +0000] - ERR - PBKDF2_SHA256 - Unable to > generate algorithm ID. > [25/May/2023:20:38:08.789526243 +0000] - ERR - PBKDF2_SHA256 - Could not > generate pbkdf2_sha256_hash! > [25/May/2023:20:38:08.791436584 +0000] - ERR - PBKDF2_SHA256 - Unable to > generate algorithm ID. > [25/May/2023:20:38:08.793404806 +0000] - ERR - PBKDF2_SHA256 - Could not > generate pbkdf2_sha256_hash! > [25/May/2023:20:38:08.795305449 +0000] - ERR - PBKDF2_SHA256 - Unable to > generate algorithm ID. > [25/May/2023:20:38:08.797253522 +0000] - ERR - PBKDF2_SHA256 - Could not > generate pbkdf2_sha256_hash! > [25/May/2023:20:38:08.799164114 +0000] - ERR - PBKDF2_SHA256 - Unable to > generate algorithm ID. > [25/May/2023:20:38:08.801065298 +0000] - ERR - PBKDF2_SHA256 - Could not > generate pbkdf2_sha256_hash! > [25/May/2023:20:38:08.803027158 +0000] - ERR - PBKDF2_SHA256 - Unable to > generate algorithm ID. > [25/May/2023:20:38:08.804938281 +0000] - ERR - PBKDF2_SHA256 - Could not > generate pbkdf2_sha256_hash! > [25/May/2023:20:38:08.806866727 +0000] - ERR - PBKDF2_SHA256 - Unable to > generate algorithm ID. > [25/May/2023:20:38:08.808871438 +0000] - ERR - PBKDF2_SHA256 - Could not > generate pbkdf2_sha256_hash! > [25/May/2023:20:38:08.810796257 +0000] - ERR - PBKDF2_SHA256 - Unable to > generate algorithm ID. > [25/May/2023:20:38:08.812761433 +0000] - ERR - PBKDF2_SHA256 - Could not > generate pbkdf2_sha256_hash! > [25/May/2023:20:38:08.814675903 +0000] - ERR - PBKDF2_SHA256 - Unable to > generate algorithm ID. > [25/May/2023:20:38:08.816595692 +0000] - ERR - PBKDF2_SHA256 - Could not > generate pbkdf2_sha256_hash! > [25/May/2023:20:38:08.818568974 +0000] - INFO - PBKDF2_SHA256 - Based on > CPU performance, chose 12000 rounds > [25/May/2023:20:38:08.822101547 +0000] - INFO - > ldbm_instance_config_cachememsize_set - force a minimal value 512000 > [25/May/2023:20:38:08.824226177 +0000] - INFO - ldbm_instance_config_set > - instance: userRoot attr aci > [25/May/2023:20:38:08.826218264 +0000] - INFO - ldbm_instance_config_set > - instance: userRoot attr nsslapd-cachesize > [25/May/2023:20:38:08.828147422 +0000] - INFO - ldbm_instance_config_set > - instance: userRoot attr nsslapd-cachememsize > [25/May/2023:20:38:08.830689678 +0000] - INFO - ldbm_instance_config_set > - instance: userRoot attr nsslapd-readonly > [25/May/2023:20:38:08.832725468 +0000] - INFO - ldbm_instance_config_set > - instance: userRoot attr nsslapd-require-index > [25/May/2023:20:38:08.834666098 +0000] - INFO - ldbm_instance_config_set > - instance: userRoot attr nsslapd-require-internalop-index > [25/May/2023:20:38:08.836658115 +0000] - INFO - ldbm_instance_config_set > - instance: userRoot attr nsslapd-dncachememsize > [25/May/2023:20:38:08.838859671 +0000] - INFO - ldbm_instance_config_set > - instance: userRoot attr nsslapd-directory > [25/May/2023:20:38:08.843583015 +0000] - INFO - > ldbm_instance_config_cachememsize_set - force a minimal value 512000 > [25/May/2023:20:38:08.845746619 +0000] - INFO - ldbm_instance_config_set > - instance: ipaca attr nsslapd-cachesize > [25/May/2023:20:38:08.847696185 +0000] - INFO - ldbm_instance_config_set > - instance: ipaca attr nsslapd-cachememsize > [25/May/2023:20:38:08.850034512 +0000] - INFO - ldbm_instance_config_set > - instance: ipaca attr nsslapd-readonly > [25/May/2023:20:38:08.852052299 +0000] - INFO - ldbm_instance_config_set > - instance: ipaca attr nsslapd-require-index > [25/May/2023:20:38:08.854005963 +0000] - INFO - ldbm_instance_config_set > - instance: ipaca attr nsslapd-require-internalop-index > [25/May/2023:20:38:08.855960008 +0000] - INFO - ldbm_instance_config_set > - instance: ipaca attr nsslapd-dncachememsize > [25/May/2023:20:38:08.858087924 +0000] - INFO - ldbm_instance_config_set > - instance: ipaca attr nsslapd-directory > [25/May/2023:20:38:08.862288731 +0000] - INFO - > ldbm_instance_config_cachememsize_set - force a minimal value 512000 > [25/May/2023:20:38:08.864482192 +0000] - INFO - ldbm_instance_config_set > - instance: changelog attr nsslapd-cachesize > [25/May/2023:20:38:08.866449653 +0000] - INFO - ldbm_instance_config_set > - instance: changelog attr nsslapd-cachememsize > [25/May/2023:20:38:08.868618397 +0000] - INFO - ldbm_instance_config_set > - instance: changelog attr nsslapd-readonly > [25/May/2023:20:38:08.870625282 +0000] - INFO - ldbm_instance_config_set > - instance: changelog attr nsslapd-require-index > [25/May/2023:20:38:08.872589927 +0000] - INFO - ldbm_instance_config_set > - instance: changelog attr nsslapd-require-internalop-index > [25/May/2023:20:38:08.874549833 +0000] - INFO - ldbm_instance_config_set > - instance: changelog attr nsslapd-dncachememsize > [25/May/2023:20:38:08.876699000 +0000] - INFO - ldbm_instance_config_set > - instance: changelog attr nsslapd-directory > [25/May/2023:20:38:08.880669548 +0000] - NOTICE - bdb_start_autotune - > found 32506232k physical memory > [25/May/2023:20:38:08.882702473 +0000] - NOTICE - bdb_start_autotune - > found 28174216k available > [25/May/2023:20:38:08.884678500 +0000] - NOTICE - bdb_start_autotune - > cache autosizing: db cache: 1572864k > [25/May/2023:20:38:08.886641071 +0000] - NOTICE - bdb_start_autotune - > cache autosizing: userRoot entry cache (3 total): 2031616k > [25/May/2023:20:38:08.889062407 +0000] - NOTICE - bdb_start_autotune - > cache autosizing: userRoot dn cache (3 total): 262144k > [25/May/2023:20:38:08.891234948 +0000] - NOTICE - bdb_start_autotune - > cache autosizing: ipaca entry cache (3 total): 2031616k > [25/May/2023:20:38:08.893482262 +0000] - NOTICE - bdb_start_autotune - > cache autosizing: ipaca dn cache (3 total): 262144k > [25/May/2023:20:38:08.895602163 +0000] - NOTICE - bdb_start_autotune - > cache autosizing: changelog entry cache (3 total): 2031616k > [25/May/2023:20:38:08.897693539 +0000] - NOTICE - bdb_start_autotune - > cache autosizing: changelog dn cache (3 total): 262144k > [25/May/2023:20:38:08.899736183 +0000] - NOTICE - bdb_start_autotune - > total cache size: 8657043456 B; > [25/May/2023:20:38:08.901810216 +0000] - ERR - bdb_version_write - Could > not open file "/var/lib/dirsrv/slapd-MINE-PRIV/db/DBVERSION" for writing > Netscape Portable Runtime -5966 (Access Denied.) > [25/May/2023:20:38:08.903797254 +0000] - ERR - mkdir_p - > /var/lib/dirsrv: error -5943 (Cannot create or rename a filename that > already exists.) > [25/May/2023:20:38:08.905887528 +0000] - CRIT - bdb_start - Can't start > because the database directory "/var/lib/dirsrv/slapd-MINE-PRIV/db" > either doesn't exist, or is not accessible > [25/May/2023:20:38:08.907883443 +0000] - ERR - ldbm_back_start - Failed > to init database, err=-1 Unexpected dbimpl error code > [25/May/2023:20:38:08.909873536 +0000] - ERR - > plugin_dependency_startall - Failed to start database plugin ldbm database > [25/May/2023:20:38:08.912185504 +0000] - ERR - schema-compat-plugin - > scheduled schema-compat-plugin tree scan in about 5 seconds after the > server startup! > [25/May/2023:20:38:08.914588354 +0000] - CRIT - dblayer_setup - > dblayer_init failed > [25/May/2023:20:38:08.916582074 +0000] - ERR - ldbm_back_start - Failed > to setup dblayer > [25/May/2023:20:38:08.918659775 +0000] - ERR - > plugin_dependency_startall - Failed to start database plugin ldbm database > [25/May/2023:20:38:08.920651491 +0000] - ERR - > plugin_dependency_startall - Failed to resolve plugin dependencies > [25/May/2023:20:38:08.922769498 +0000] - ERR - > plugin_dependency_startall - betxnpreoperation plugin 7-bit check is not > started > [25/May/2023:20:38:08.924779700 +0000] - ERR - > plugin_dependency_startall - preoperation plugin Account Usability > Plugin is not started > [25/May/2023:20:38:08.926780244 +0000] - ERR - > plugin_dependency_startall - accesscontrol plugin ACL Plugin is not started > [25/May/2023:20:38:08.928838868 +0000] - ERR - > plugin_dependency_startall - preoperation plugin ACL preoperation is not > started > [25/May/2023:20:38:08.930855532 +0000] - ERR - > plugin_dependency_startall - betxnpreoperation plugin Auto Membership > Plugin is not started > [25/May/2023:20:38:08.932879861 +0000] - ERR - > plugin_dependency_startall - preoperation plugin caacl name uniqueness > is not started > [25/May/2023:20:38:08.934954846 +0000] - ERR - > plugin_dependency_startall - preoperation plugin certificate store > issuer/serial uniqueness is not started > [25/May/2023:20:38:08.936969697 +0000] - ERR - > plugin_dependency_startall - preoperation plugin certificate store > subject uniqueness is not started > [25/May/2023:20:38:08.939096711 +0000] - ERR - > plugin_dependency_startall - object plugin Class of Service is not started > [25/May/2023:20:38:08.941113295 +0000] - ERR - > plugin_dependency_startall - object plugin Content Synchronization is > not started > [25/May/2023:20:38:08.943127434 +0000] - ERR - > plugin_dependency_startall - preoperation plugin deref is not started > [25/May/2023:20:38:08.945181109 +0000] - ERR - > plugin_dependency_startall - bepreoperation plugin Distributed Numeric > Assignment Plugin is not started > [25/May/2023:20:38:08.947196180 +0000] - ERR - > plugin_dependency_startall - preoperation plugin IPA DNS is not started > [25/May/2023:20:38:08.949205500 +0000] - ERR - > plugin_dependency_startall - object plugin IPA Graceperiod is not started > [25/May/2023:20:38:08.951276348 +0000] - ERR - > plugin_dependency_startall - object plugin IPA Lockout is not started > [25/May/2023:20:38:08.953303542 +0000] - ERR - > plugin_dependency_startall - betxnpostoperation plugin IPA MODRDN is not > started > [25/May/2023:20:38:08.955319695 +0000] - ERR - > plugin_dependency_startall - preoperation plugin IPA OTP Counter is not > started > [25/May/2023:20:38:08.957401373 +0000] - ERR - > plugin_dependency_startall - preoperation plugin IPA OTP Last Token is > not started > [25/May/2023:20:38:08.959428697 +0000] - ERR - > plugin_dependency_startall - preoperation plugin IPA Range-Check is not > started > [25/May/2023:20:38:08.961479948 +0000] - ERR - > plugin_dependency_startall - postoperation plugin IPA SIDGEN is not started > [25/May/2023:20:38:08.963520437 +0000] - ERR - > plugin_dependency_startall - object plugin IPA Topology Configuration is > not started > [25/May/2023:20:38:08.965548823 +0000] - ERR - > plugin_dependency_startall - preoperation plugin IPA UUID is not started > [25/May/2023:20:38:08.967588822 +0000] - ERR - > plugin_dependency_startall - preoperation plugin IPA Version Replication > is not started > [25/May/2023:20:38:08.969640553 +0000] - ERR - > plugin_dependency_startall - preoperation plugin ipa-winsync is not started > [25/May/2023:20:38:08.971679109 +0000] - ERR - > plugin_dependency_startall - extendedop plugin ipa_enrollment_extop is > not started > [25/May/2023:20:38:08.973720600 +0000] - ERR - > plugin_dependency_startall - extendedop plugin ipa_extdom_extop is not > started > [25/May/2023:20:38:08.975765037 +0000] - ERR - > plugin_dependency_startall - extendedop plugin ipa_pwd_extop is not started > [25/May/2023:20:38:08.977817560 +0000] - ERR - > plugin_dependency_startall - preoperation plugin ipaSubordinateIdEntry > ipaOwner uniqueness is not started > [25/May/2023:20:38:08.979867658 +0000] - ERR - > plugin_dependency_startall - preoperation plugin ipaUniqueID uniqueness > is not started > [25/May/2023:20:38:08.981913688 +0000] - ERR - > plugin_dependency_startall - preoperation plugin krbCanonicalName > uniqueness is not started > [25/May/2023:20:38:08.983974386 +0000] - ERR - > plugin_dependency_startall - preoperation plugin krbPrincipalName > uniqueness is not started > [25/May/2023:20:38:08.986051896 +0000] - ERR - > plugin_dependency_startall - database plugin ldbm database is not started > [25/May/2023:20:38:08.988109989 +0000] - ERR - > plugin_dependency_startall - betxnpreoperation plugin Linked Attributes > is not started > [25/May/2023:20:38:08.990170186 +0000] - ERR - > plugin_dependency_startall - betxnpreoperation plugin Managed Entries is > not started > [25/May/2023:20:38:08.992227157 +0000] - ERR - > plugin_dependency_startall - betxnpostoperation plugin MemberOf Plugin > is not started > [25/May/2023:20:38:08.994270532 +0000] - ERR - > plugin_dependency_startall - object plugin Multisupplier Replication > Plugin is not started > [25/May/2023:20:38:08.996345598 +0000] - ERR - > plugin_dependency_startall - preoperation plugin netgroup uniqueness is > not started > [25/May/2023:20:38:08.998405354 +0000] - ERR - > plugin_dependency_startall - betxnpostoperation plugin referential > integrity postoperation is not started > [25/May/2023:20:38:09.000484848 +0000] - ERR - > plugin_dependency_startall - object plugin Retro Changelog Plugin is not > started > [25/May/2023:20:38:09.002615038 +0000] - ERR - > plugin_dependency_startall - object plugin Roles Plugin is not started > [25/May/2023:20:38:09.004668452 +0000] - ERR - > plugin_dependency_startall - preoperation plugin sudorule name > uniqueness is not started > [25/May/2023:20:38:09.006728329 +0000] - ERR - > plugin_dependency_startall - preoperation plugin uid uniqueness is not > started > [25/May/2023:20:38:09.008808835 +0000] - ERR - > plugin_dependency_startall - object plugin USN is not started > [25/May/2023:20:38:09.010895272 +0000] - ERR - > plugin_dependency_startall - object plugin Views is not started > [25/May/2023:20:38:09.012962683 +0000] - ERR - > plugin_dependency_startall - extendedop plugin whoami is not started > [email protected]: Main process exited, code=exited, status=1/FAILURE > [email protected]: Failed with result 'exit-code'. > Failed to start 389 Directory Server MINE-PRIV..
/etc/dirsrv/slapd-MINE-PRIV/ is not writable with a permission error. I'd start there. rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
