On 09/10/2012 03:01 PM, Sigbjorn Lie wrote:
On 09/10/2012 10:36 PM, Rich Megginson wrote:
On 09/10/2012 01:59 PM, Sigbjorn Lie wrote:
Hi,

I added indexes for automountKey, and automountmapname yesterday in my test environment to see if that would speed the automounters up a bit, and now the automounters does not always work. They manage to look up the map, but not the keys in the map.

Restarting the automounter sometimes work for some maps, but then the other maps stop working.

Below is an example from the messages file when doing doing "ls /prog."

Sep 10 19:55:22 mordor automount[3041]: lookup_mount: lookup(ldap): looking up nagios Sep 10 19:55:22 mordor automount[3041]: find_dc_server: trying server uri ldap://ipa01.ix.test.com:389 Sep 10 19:55:22 mordor automount[3041]: do_bind: lookup(ldap): auth_required: 2, sasl_mech GSSAPI Sep 10 19:55:22 mordor automount[3041]: sasl_bind_mech: Attempting sasl bind with mechanism GSSAPI Sep 10 19:55:22 mordor automount[3041]: getuser_func: called with context (nil), id 16385. Sep 10 19:55:22 mordor automount[3041]: getuser_func: called with context (nil), id 16385. Sep 10 19:55:22 mordor automount[3041]: sasl_bind_mech: sasl bind with mechanism GSSAPI succeeded Sep 10 19:55:22 mordor automount[3041]: do_bind: lookup(ldap): autofs_sasl_bind returned 0 Sep 10 19:55:22 mordor automount[3041]: connected to uri ldap://ipa01.ix.test.com:389 Sep 10 19:55:22 mordor automount[3041]: lookup_one: lookup(ldap): searching for "(&(objectclass=automount)(|(automountKey=nagios)(automountKey=/)(automountKey=\2A)))" under "automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com" Sep 10 19:55:22 mordor automount[3041]: lookup_one: lookup(ldap): getting first entry for automountKey="nagios" Sep 10 19:55:22 mordor automount[3041]: lookup_one: lookup(ldap): got answer, but no entry for (&(objectclass=automount)(|(automountKey=nagios)(automountKey=/)(automountKey=\2A))) Sep 10 19:55:22 mordor automount[3041]: dev_ioctl_send_fail: token = 798
Sep 10 19:55:22 mordor automount[3041]: failed to mount /prog/nagios
Sep 10 19:55:22 mordor automount[3041]: handle_packet: type = 3
Sep 10 19:55:22 mordor automount[3041]: handle_packet_missing_indirect: token 799, name os, request pid 3233



All folders return like this:

ls: cannot access /prog/nagios: No such file or directory



The 389-ds access log looks like this:

[10/Sep/2012:19:59:47 +0200] conn=1821 op=1 BIND dn="" method=sasl version=3 mech=GSSAPI [10/Sep/2012:19:59:47 +0200] conn=1821 op=1 RESULT err=14 tag=97 nentries=0 etime=0, SASL bind in progress [10/Sep/2012:19:59:47 +0200] conn=1821 op=2 BIND dn="" method=sasl version=3 mech=GSSAPI [10/Sep/2012:19:59:47 +0200] conn=1821 op=2 RESULT err=0 tag=97 nentries=0 etime=0 dn="fqdn=mordor.ix.test.com,cn=computers,cn=accounts,dc=ix,dc=test,dc=com" [10/Sep/2012:19:59:47 +0200] conn=1821 op=3 SRCH base="automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com" scope=2 filter="(&(objectClass=automount)(|(automountKey=utils)(automountKey=/)(automountKey=\2a)))" attrs="automountKey automountInformation" [10/Sep/2012:19:59:47 +0200] conn=1821 op=3 RESULT err=0 tag=101 nentries=0 etime=0
[10/Sep/2012:19:59:47 +0200] conn=1821 op=4 UNBIND
[10/Sep/2012:19:59:47 +0200] conn=1821 op=4 fd=86 closed - U1


Running the query manually return:

~$ ldapsearch -YGSSAPI -b automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com '(&(objectClass=automount)(|(automountKey=utils)(automountKey=/)(automountKey=\2a)))'
SASL/GSSAPI authentication started
SASL username: u...@ix.test.com
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com> with scope subtree # filter: (&(objectClass=automount)(|(automountKey=utils)(automountKey=/)(automountKey=\2a)))
# requesting: ALL
#

# search result
search: 4
result: 0 Success

# numResponses: 1



Running this search without any filter returns:
$ ldapsearch -YGSSAPI -b automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com

<lot of stuff cut away>

# utils -vers\3D3\2Csec\3Dsys filer01:/volumes/p00/prog/utils, auto_prog,
  svg1, automount, ix.test.com
dn: description=utils -vers\3D3\2Csec\3Dsys filer01:/volumes/p00/prog/util
 s,automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com
description: utils -vers=3,sec=sys filer01:/volumes/p00/prog/utils
automountInformation: -vers=3,sec=sys filer01:/volumes/p00/prog/utils
automountKey: utils
objectClass: automount
objectClass: top

<lot of stuff cut away>

The two indexes I created are these:

# automountkey, index, userRoot, ldbm database, plugins, config
dn: cn=automountkey,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
cn: automountkey
objectClass: top
objectClass: nsIndex
nsSystemIndex: false
nsIndexType: eq

# automountmapname, index, userRoot, ldbm database, plugins, config
dn: cn=automountmapname,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=co
 nfig
cn: automountmapname
objectClass: top
objectClass: nsIndex
nsSystemIndex: false
nsIndexType: eq

And then I ran at these commands:
# /var/lib/dirsrv/scripts-IX-TEST-COM/db2index.pl -D "cn=Directory Manager" -w - -n userroot -t automountmapname:eq -v # /var/lib/dirsrv/scripts-IX-TEST-COM/db2index.pl -D "cn=Directory Manager" -w - -n userroot -t automountkey:eq -v

What is going on?
ls -al /var/lib/dirsrv/slapd-IX-TEST-COM/db/userRoot
dbscan -f /var/lib/dirsrv/slapd-IX-TEST-COM/db/userRoot/automountmapname.db*
dbscan -f /var/lib/dirsrv/slapd-IX-TEST-COM/db/userRoot/automountkey.db*

I just ran these commands before you sent your email:
# /var/lib/dirsrv/scripts-IX-TEST-COM/db2index.pl -D "cn=Directory Manager" -w - -n userroot -t automountmapname -v # /var/lib/dirsrv/scripts-IX-TEST-COM/db2index.pl -D "cn=Directory Manager" -w - -n userroot -t automountkey -v

But only on one IPA server. This might explain why the automounter was working every now and then as I am using the SRV records for the automounter to discover the LDAP server hostname.

The commands you sent show everything as being OK now.
ls -al /var/lib/dirsrv/slapd-IX-TEST-COM/db/userRoot
-rw-------  1 dirsrv dirsrv   16384 Sep 10 21:57 automountkey.db4
-rw-------  1 dirsrv dirsrv   16384 Sep  9 22:07 automountmapname.db4

The dbscan commands lists all the automount maps and keys as:
<cut>
=auto.direct
=auto.master
<cut>

and:
<cut>
=utils
<cut>

Did an error occur when I initially created the indexes? Was it incorrect to specify ":eq" ?
Looks like there is a bug in db2index_add_indexed_attr - it should split the comma delimited list of index types after the ":" into separate values of the nsIndexType attribute.

If you don't specify the ":type,type" then it uses the defaults that you have configured.


Regards,
Siggi






_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to