Tyler Gates wrote: > Howard, > Does the most recent patch to ITS #6948 'ITS#6948 partial revert > of #6837, unnecessary' replace the first patch 'ITS#6948 fix ITS#6837 > patch' ?
No. > On Sun, Jun 5, 2011 at 10:04 PM, Tyler Gates<[email protected]> wrote: >> Thanks Howard, it working perfectly again. This also resolves my other >> ITS, #6891. >> >> On 06/05/2011 04:36 PM, Howard Chu wrote: >>> [email protected] wrote: >>>> Full_Name: Tyler Gates >>>> Version: 2.4.25 >>>> OS: Ubuntu 10.04 LTS >>>> URL: ftp://ftp.openldap.org/incoming/ >>>> Submission from: (NULL) (65.184.61.44) >>>> >>>> >>>> I've been fighting with a strange issue related to a backend database >>>> using a >>>> pcache configuration since upgrading from 2.4.24 to 2.4.25. Assuming >>>> there was >>>> just something wrong with my cn=config I decided to start back fresh >>>> using >>>> slapd.conf instead. >>>> Once I got the config working just fine I used slaptest to convert >>>> the config to >>>> a new cn=config. Unfortunately when I tried using -F cn=config >>>> instead of my -f >>>> slapd.conf, slapd failed with the same old message: >>> >>> Looks like this was broken by the patch for ITS#6837. Working on a new >>> fix. >>>> >>>> May 22 09:15:58 directory-proxy2 slapd[25055]: backend_startup: warning, >>>> database 0 (hdb) has no suffix >>>> May 22 09:15:58 directory-proxy2 slapd[25055]: backend_startup_one: >>>> starting >>>> "(unknown)" >>>> May 22 09:15:58 directory-proxy2 slapd[25055]: hdb_db_open: need suffix. >>>> May 22 09:15:58 directory-proxy2 slapd[25055]: backend_startup_one >>>> (type=hdb, >>>> suffix="(null)"): bi_db_open failed! (-1) >>>> May 22 09:15:58 directory-proxy2 slapd[25055]: slapd shutdown: initiated >>>> >>>> >>>> The backend database has never required me specify a suffix since it >>>> is already >>>> specified in the ldap overlay and when I try to add it in I get slapd >>>> trying to >>>> open the database twice which results in the second instance having >>>> access >>>> issues thus rendering all of the database inaccessible to queries. >>>> >>>> I'm assuming there has been a configuration change in cn=config for this >>>> particular layout but slaptest has not been updated. Below is a copy >>>> of the flat >>>> file I used that worked fine but failed once converted to cn=config >>>> using >>>> slaptest -f slapd.conf -F /etc/ldap/slapd.d/ >>>> >>>> root@directory-proxy:~# grep "^[^#]" >>>> /etc/ldap/slapd.conf.back_ldap_ppcache >>>> include /etc/ldap/schema/core.schema >>>> include /etc/ldap/schema/cosine.schema >>>> include /etc/ldap/schema/nis.schema >>>> include /etc/ldap/schema/inetorgperson.schema >>>> include /etc/ldap/schema/openldap.schema >>>> include /etc/ldap/schema/sudo.schema >>>> include /etc/ldap/schema/autofs.schema >>>> include /etc/ldap/schema/ppolicy.schema >>>> include /etc/ldap/schema/qmail.schema >>>> include /etc/ldap/schema/puppet.schema >>>> pidfile /var/run/slapd/slapd.pid >>>> argsfile /var/run/slapd/slapd.args >>>> modulepath /usr/lib/ldap >>>> moduleload back_ldap >>>> moduleload back_hdb >>>> moduleload pcache >>>> moduleload ppolicy >>>> TLSCertificateFile /etc/ldap/ssl/slapd.crt >>>> TLSCertificateKeyFile /etc/ldap/ssl/slapd.key >>>> TLSCACertificateFile /etc/ssl/certs/ca.castlebranch.com.crt >>>> loglevel -1 >>>> allow bind_anon_dn >>>> database config >>>> rootdn cn=admin,cn=config >>>> rootpw secret >>>> access to * by >>>> dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth >>>> manage by * break >>>> database ldap >>>> suffix "dc=domain,dc=com" >>>> rootdn "cn=Manager,dc=domain,dc=com" >>>> rootpw secret >>>> uri "ldaps://directory1.domain.com >>>> ldaps://directory2.domain.com" >>>> overlay pcache >>>> proxycache hdb 100000 3 1000 100 >>>> proxyAttrset 0 uid userPassword uidNumber gidNumber cn homeDirectory >>>> loginShell gecos description memberUid uniqueMember objectClass >>>> proxyAttrset 1 cn automountInformation >>>> proxyAttrset 2 cn mail >>>> proxyTemplate (&(objectClass=)(|(memberUid=)(uniqueMember=))) 0 1800 >>>> proxyTemplate (&(objectClass=)(uid=)) 0 1800 >>>> proxyTemplate (&(objectClass=)(cn=)) 0 1800 >>>> proxyTemplate (&(objectClass=)) 0 1800 >>>> proxyTemplate (objectClass=) 0 1800 >>>> proxyTemplate (&(objectClass=)(memberUid=)) 0 1800 900 >>>> proxyTemplate (&(objectClass=)(uniqueMember=)) 0 1800 900 >>>> proxyTemplate (&(objectClass=)(uidNumber=)) 0 1800 >>>> proxyTemplate (&(objectClass=)(gidNumber=)) 0 1800 >>>> proxyTemplate (&(objectClass=)(|(cn=)(gidNumber=))) 1 3600 600 >>>> proxyTemplate (&(objectClass=)(|(cn=)(cn=))) 1 3600 600 >>>> proxyTemplate (&(objectClass=)(|(cn=)(cn=)(cn=))) 1 3600 600 >>>> proxyTemplate (|(cn=)(mail=)(sn=)) 2 7200 >>>> directory /var/lib/ldap >>>> cachesize 1000 >>>> idletimeout 600 >>>> idlcachesize 3000 >>>> index objectClass eq >>>> index cn,mail,surname,givenname eq,subinitial >>>> index uidNumber,gidNumber,memberuid,member,uniqueMember eq >>>> index uid eq,subinitial >>>> index nisMapName,automountInformation eq >>>> index userPassword,homeDirectory,loginShell,gecos,description eq >>>> index pcacheQueryID eq >>>> >>>> >>> >>> >> > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
