[email protected] wrote: > Full_Name: Tyler Gates > Version: 2.4.25 > OS: Ubuntu 10.04 LTS > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (65.184.61.44) > > > I've been fighting with a strange issue related to a backend database using a > pcache configuration since upgrading from 2.4.24 to 2.4.25. Assuming there was > just something wrong with my cn=config I decided to start back fresh using > slapd.conf instead. > Once I got the config working just fine I used slaptest to convert the config > to > a new cn=config. Unfortunately when I tried using -F cn=config instead of my > -f > slapd.conf, slapd failed with the same old message:
Looks like this was broken by the patch for ITS#6837. Working on a new fix. > > May 22 09:15:58 directory-proxy2 slapd[25055]: backend_startup: warning, > database 0 (hdb) has no suffix > May 22 09:15:58 directory-proxy2 slapd[25055]: backend_startup_one: starting > "(unknown)" > May 22 09:15:58 directory-proxy2 slapd[25055]: hdb_db_open: need suffix. > May 22 09:15:58 directory-proxy2 slapd[25055]: backend_startup_one (type=hdb, > suffix="(null)"): bi_db_open failed! (-1) > May 22 09:15:58 directory-proxy2 slapd[25055]: slapd shutdown: initiated > > > The backend database has never required me specify a suffix since it is > already > specified in the ldap overlay and when I try to add it in I get slapd trying > to > open the database twice which results in the second instance having access > issues thus rendering all of the database inaccessible to queries. > > I'm assuming there has been a configuration change in cn=config for this > particular layout but slaptest has not been updated. Below is a copy of the > flat > file I used that worked fine but failed once converted to cn=config using > slaptest -f slapd.conf -F /etc/ldap/slapd.d/ > > root@directory-proxy:~# grep "^[^#]" /etc/ldap/slapd.conf.back_ldap_ppcache > include /etc/ldap/schema/core.schema > include /etc/ldap/schema/cosine.schema > include /etc/ldap/schema/nis.schema > include /etc/ldap/schema/inetorgperson.schema > include /etc/ldap/schema/openldap.schema > include /etc/ldap/schema/sudo.schema > include /etc/ldap/schema/autofs.schema > include /etc/ldap/schema/ppolicy.schema > include /etc/ldap/schema/qmail.schema > include /etc/ldap/schema/puppet.schema > pidfile /var/run/slapd/slapd.pid > argsfile /var/run/slapd/slapd.args > modulepath /usr/lib/ldap > moduleload back_ldap > moduleload back_hdb > moduleload pcache > moduleload ppolicy > TLSCertificateFile /etc/ldap/ssl/slapd.crt > TLSCertificateKeyFile /etc/ldap/ssl/slapd.key > TLSCACertificateFile /etc/ssl/certs/ca.castlebranch.com.crt > loglevel -1 > allow bind_anon_dn > database config > rootdn cn=admin,cn=config > rootpw secret > access to * by > dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth > manage by * break > database ldap > suffix "dc=domain,dc=com" > rootdn "cn=Manager,dc=domain,dc=com" > rootpw secret > uri "ldaps://directory1.domain.com ldaps://directory2.domain.com" > overlay pcache > proxycache hdb 100000 3 1000 100 > proxyAttrset 0 uid userPassword uidNumber gidNumber cn homeDirectory > loginShell gecos description memberUid uniqueMember objectClass > proxyAttrset 1 cn automountInformation > proxyAttrset 2 cn mail > proxyTemplate (&(objectClass=)(|(memberUid=)(uniqueMember=))) 0 1800 > proxyTemplate (&(objectClass=)(uid=)) 0 1800 > proxyTemplate (&(objectClass=)(cn=)) 0 1800 > proxyTemplate (&(objectClass=)) 0 1800 > proxyTemplate (objectClass=) 0 1800 > proxyTemplate (&(objectClass=)(memberUid=)) 0 1800 900 > proxyTemplate (&(objectClass=)(uniqueMember=)) 0 1800 900 > proxyTemplate (&(objectClass=)(uidNumber=)) 0 1800 > proxyTemplate (&(objectClass=)(gidNumber=)) 0 1800 > proxyTemplate (&(objectClass=)(|(cn=)(gidNumber=))) 1 3600 600 > proxyTemplate (&(objectClass=)(|(cn=)(cn=))) 1 3600 600 > proxyTemplate (&(objectClass=)(|(cn=)(cn=)(cn=))) 1 3600 600 > proxyTemplate (|(cn=)(mail=)(sn=)) 2 7200 > directory /var/lib/ldap > cachesize 1000 > idletimeout 600 > idlcachesize 3000 > index objectClass eq > index cn,mail,surname,givenname eq,subinitial > index uidNumber,gidNumber,memberuid,member,uniqueMember eq > index uid eq,subinitial > index nisMapName,automountInformation eq > index userPassword,homeDirectory,loginShell,gecos,description eq > index pcacheQueryID eq > > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
