On 09/10/2012 04:16 PM, Dmitri Pal wrote:
On 09/10/2012 05:27 PM, Rich Megginson wrote:
On 09/10/2012 03:01 PM, Sigbjorn Lie wrote:
On 09/10/2012 10:36 PM, Rich Megginson wrote:
On 09/10/2012 01:59 PM, Sigbjorn Lie wrote:
Hi,

I added indexes for automountKey, and automountmapname yesterday in
my test environment to see if that would speed the automounters up
a bit, and now the automounters does not always work. They manage
to look up the map, but not the keys in the map.

Restarting the automounter sometimes work for some maps, but then
the other maps stop working.

Below is an example from the messages file when doing doing "ls
/prog."

Sep 10 19:55:22 mordor automount[3041]: lookup_mount: lookup(ldap):
looking up nagios
Sep 10 19:55:22 mordor automount[3041]: find_dc_server: trying
server uri ldap://ipa01.ix.test.com:389
Sep 10 19:55:22 mordor automount[3041]: do_bind: lookup(ldap):
auth_required: 2, sasl_mech GSSAPI
Sep 10 19:55:22 mordor automount[3041]: sasl_bind_mech: Attempting
sasl bind with mechanism GSSAPI
Sep 10 19:55:22 mordor automount[3041]: getuser_func: called with
context (nil), id 16385.
Sep 10 19:55:22 mordor automount[3041]: getuser_func: called with
context (nil), id 16385.
Sep 10 19:55:22 mordor automount[3041]: sasl_bind_mech: sasl bind
with mechanism GSSAPI succeeded
Sep 10 19:55:22 mordor automount[3041]: do_bind: lookup(ldap):
autofs_sasl_bind returned 0
Sep 10 19:55:22 mordor automount[3041]: connected to uri
ldap://ipa01.ix.test.com:389
Sep 10 19:55:22 mordor automount[3041]: lookup_one: lookup(ldap):
searching for
"(&(objectclass=automount)(|(automountKey=nagios)(automountKey=/)(automountKey=\2A)))"
under
"automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com"
Sep 10 19:55:22 mordor automount[3041]: lookup_one: lookup(ldap):
getting first entry for automountKey="nagios"
Sep 10 19:55:22 mordor automount[3041]: lookup_one: lookup(ldap):
got answer, but no entry for
(&(objectclass=automount)(|(automountKey=nagios)(automountKey=/)(automountKey=\2A)))
Sep 10 19:55:22 mordor automount[3041]: dev_ioctl_send_fail: token
= 798
Sep 10 19:55:22 mordor automount[3041]: failed to mount /prog/nagios
Sep 10 19:55:22 mordor automount[3041]: handle_packet: type = 3
Sep 10 19:55:22 mordor automount[3041]:
handle_packet_missing_indirect: token 799, name os, request pid 3233



All folders return like this:

ls: cannot access /prog/nagios: No such file or directory



The 389-ds access log looks like this:

[10/Sep/2012:19:59:47 +0200] conn=1821 op=1 BIND dn="" method=sasl
version=3 mech=GSSAPI
[10/Sep/2012:19:59:47 +0200] conn=1821 op=1 RESULT err=14 tag=97
nentries=0 etime=0, SASL bind in progress
[10/Sep/2012:19:59:47 +0200] conn=1821 op=2 BIND dn="" method=sasl
version=3 mech=GSSAPI
[10/Sep/2012:19:59:47 +0200] conn=1821 op=2 RESULT err=0 tag=97
nentries=0 etime=0
dn="fqdn=mordor.ix.test.com,cn=computers,cn=accounts,dc=ix,dc=test,dc=com"
[10/Sep/2012:19:59:47 +0200] conn=1821 op=3 SRCH
base="automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com"
scope=2
filter="(&(objectClass=automount)(|(automountKey=utils)(automountKey=/)(automountKey=\2a)))"
attrs="automountKey automountInformation"
[10/Sep/2012:19:59:47 +0200] conn=1821 op=3 RESULT err=0 tag=101
nentries=0 etime=0
[10/Sep/2012:19:59:47 +0200] conn=1821 op=4 UNBIND
[10/Sep/2012:19:59:47 +0200] conn=1821 op=4 fd=86 closed - U1


Running the query manually return:

~$ ldapsearch -YGSSAPI -b
automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com 
'(&(objectClass=automount)(|(automountKey=utils)(automountKey=/)(automountKey=\2a)))'

SASL/GSSAPI authentication started
SASL username: u...@ix.test.com
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base
<automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com>
with scope subtree
# filter:
(&(objectClass=automount)(|(automountKey=utils)(automountKey=/)(automountKey=\2a)))
# requesting: ALL
#

# search result
search: 4
result: 0 Success

# numResponses: 1



Running this search without any filter returns:
$ ldapsearch -YGSSAPI -b
automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com

<lot of stuff cut away>

# utils -vers\3D3\2Csec\3Dsys filer01:/volumes/p00/prog/utils,
auto_prog,
   svg1, automount, ix.test.com
dn: description=utils -vers\3D3\2Csec\3Dsys
filer01:/volumes/p00/prog/util
  s,automountmapname=auto_prog,cn=svg1,cn=automount,dc=ix,dc=test,dc=com

description: utils -vers=3,sec=sys filer01:/volumes/p00/prog/utils
automountInformation: -vers=3,sec=sys filer01:/volumes/p00/prog/utils
automountKey: utils
objectClass: automount
objectClass: top

<lot of stuff cut away>

The two indexes I created are these:

# automountkey, index, userRoot, ldbm database, plugins, config
dn: cn=automountkey,cn=index,cn=userRoot,cn=ldbm
database,cn=plugins,cn=config
cn: automountkey
objectClass: top
objectClass: nsIndex
nsSystemIndex: false
nsIndexType: eq

# automountmapname, index, userRoot, ldbm database, plugins, config
dn: cn=automountmapname,cn=index,cn=userRoot,cn=ldbm
database,cn=plugins,cn=co
  nfig
cn: automountmapname
objectClass: top
objectClass: nsIndex
nsSystemIndex: false
nsIndexType: eq

And then I ran at these commands:
# /var/lib/dirsrv/scripts-IX-TEST-COM/db2index.pl -D "cn=Directory
Manager" -w - -n userroot -t automountmapname:eq -v
# /var/lib/dirsrv/scripts-IX-TEST-COM/db2index.pl -D "cn=Directory
Manager" -w - -n userroot -t automountkey:eq -v

What is going on?
ls -al /var/lib/dirsrv/slapd-IX-TEST-COM/db/userRoot
dbscan -f
/var/lib/dirsrv/slapd-IX-TEST-COM/db/userRoot/automountmapname.db*
dbscan -f
/var/lib/dirsrv/slapd-IX-TEST-COM/db/userRoot/automountkey.db*
I just ran these commands before you sent your email:
# /var/lib/dirsrv/scripts-IX-TEST-COM/db2index.pl -D "cn=Directory
Manager" -w - -n userroot -t automountmapname -v
# /var/lib/dirsrv/scripts-IX-TEST-COM/db2index.pl -D "cn=Directory
Manager" -w - -n userroot -t automountkey -v

But only on one IPA server. This might explain why the automounter
was working every now and then as I am using the SRV records for the
automounter to discover the LDAP server hostname.

The commands you sent show everything as being OK now.
ls -al /var/lib/dirsrv/slapd-IX-TEST-COM/db/userRoot
-rw-------  1 dirsrv dirsrv   16384 Sep 10 21:57 automountkey.db4
-rw-------  1 dirsrv dirsrv   16384 Sep  9 22:07 automountmapname.db4

The dbscan commands lists all the automount maps and keys as:
<cut>
=auto.direct
=auto.master
<cut>

and:
<cut>
=utils
<cut>

Did an error occur when I initially created the indexes? Was it
incorrect to specify ":eq" ?
Looks like there is a bug in db2index_add_indexed_attr - it should
split the comma delimited list of index types after the ":" into
separate values of the nsIndexType attribute.

If you don't specify the ":type,type" then it uses the defaults that
you have configured.
Rich should we rise a DS ticket here?
Yes. https://fedorahosted.org/389/ticket/453

Regards,
Siggi





_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to