On 12/18/2013 12:43 PM, Joe Mou wrote:
I have a broken IPA replica that appears to be suffering from a hung
directory server. The master seems to be working fine, but LDAP
requests to the replica hang indefinitely. I attached gdb to ns-slapd
and suspect a deadlock in cos_cache.c.
Thread 7 seems to be hung on an LDAP delete for a user account that we
recently removed. Every time the directory server is started, it tries
to issue this delete, apparently to sync the replica.
I have been unsuccessful in trying to remove the offending replica
because ipa-replica-manage seems to need to make LDAP requests against
the replica. For example:
$ ipa-replica-manage del p-ipa-wd02.prod.the.flatiron.com
<http://p-ipa-wd02.prod.the.flatiron.com>
^CConnection to 'p-ipa-wd02.prod.the.flatiron.com
<http://p-ipa-wd02.prod.the.flatiron.com>' failed: Insufficient
access: SASL(0): successful result:
Unable to delete replica 'p-ipa-wd02.prod.the.flatiron.com
<http://p-ipa-wd02.prod.the.flatiron.com>'
^CTraceback (most recent call last):
File "/usr/sbin/ipa-replica-manage", line 1252, in <module>
main()
KeyboardInterrupt
Backtraces of the suspicious threads and log excerpts are at
http://p.flatiron.com/~jmou/ipa/
<http://p.flatiron.com/%7Ejmou/ipa/> . I was only able to install a
limited set of debugging symbols; let me know if I can be of more help.
Any help in fixing this replica or even just removing it would be
greatly appreciated!
What is your platform? rpm -q 389-ds-base
There were some hangs with rhel 6.4.z. Please update to the latest
389-ds-base (1.2.11.15-30 or later) and nss 3.15.3 or later.
Joe
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
