[email protected] wrote: > Full_Name: Quanah Gibson-Mount > Version: openldap master > OS: Linux 2.6 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (75.111.58.125) > > > As reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741248, > slapacl > when used with a base that is not contained in the OpenLDAP configuration can > cause unclean DB messages.
Fixed now in master > > To reproduce, I had to disable the monitor database in my configuration, so > that > there was only the cn=config db and a primary BDB based backend. It also does > not occur if the suffix for the database is "" (as that contains everything). > > If the suffix of the DB is specific(such as "cn=zimbra"), then you can cause > the > unclean shutdown status to trigger by running slapacl against a suffix that is > not contained in the slapd configuration: > > zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F > /opt/zimbra/data/ldap/config -b "cn=zimbraaaaa" -D > "uid=zimbra,cn=admins,cn=zimbra" entry > 5331d242 hdb_monitor_db_open: monitoring disabled; configure monitor database > to > enable > 5331d242 hdb_db_open: database "cn=zimbra": unclean shutdown detected; > attempting recovery. > 5331d242 hdb_db_open: database "cn=zimbra": recovery skipped in read-only > mode. > Run manual recovery if errors are encountered. > authcDN: "uid=zimbra,cn=admins,cn=zimbra" > cn=zimbraaaaa: no target database has been found for baseDN="slapacl"; you may > try with "-u" (dry run). > zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F > /opt/zimbra/data/ldap/config -b "cn=zimbra" -D > "uid=zimbra,cn=admins,cn=zimbra" > entry > 5331d258 hdb_db_open: database "cn=zimbra": unclean shutdown detected; > attempting recovery. > 5331d258 hdb_db_open: database "cn=zimbra": recovery skipped in read-only > mode. > Run manual recovery if errors are encountered. > 5331d258 hdb_monitor_db_open: monitoring disabled; configure monitor database > to > enable > authcDN: "uid=zimbra,cn=admins,cn=zimbra" > entry: write(=wrscxd) > zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F > /opt/zimbra/data/ldap/config -b "cn=zimbra" -D > "uid=zimbra,cn=admins,cn=zimbra" > entry > 5331d262 hdb_db_open: database "cn=zimbra": unclean shutdown detected; > attempting recovery. > 5331d262 hdb_db_open: database "cn=zimbra": recovery skipped in read-only > mode. > Run manual recovery if errors are encountered. > 5331d262 hdb_monitor_db_open: monitoring disabled; configure monitor database > to > enable > authcDN: "uid=zimbra,cn=admins,cn=zimbra" > entry: write(=wrscxd) > > Even running db_recover does not fix it: > > zimbra@zre-ldap001:~/data/ldap/hdb/db$ db_recover > zimbra@zre-ldap001:~/data/ldap/hdb/db$ cd > zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F > /opt/zimbra/data/ldap/config -b "cn=zimbra" -D > "uid=zimbra,cn=admins,cn=zimbra" > entry > 5331d350 hdb_db_open: database "cn=zimbra": unclean shutdown detected; > attempting recovery. > 5331d350 hdb_db_open: database "cn=zimbra": recovery skipped in read-only > mode. > Run manual recovery if errors are encountered. > 5331d350 hdb_monitor_db_open: monitoring disabled; configure monitor database > to > enable > authcDN: "uid=zimbra,cn=admins,cn=zimbra" > entry: write(=wrscxd) > > After starting slapd, the db is properly cleaned up: > > zimbra@zre-ldap001:~$ ps -eaf | grep slapd > zimbra 1655 1 3 12:05 ? 00:00:00 > /opt/zimbra/openldap/sbin/slapd > -l LOCAL0 -u zimbra -h ldap://zre-ldap001.eng.zimbra.com:389 ldapi:/// -F > /opt/zimbra/data/ldap/config > > zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F > /opt/zimbra/data/ldap/config -b "cn=zimbra" -D > "uid=zimbra,cn=admins,cn=zimbra" > entry > authcDN: "uid=zimbra,cn=admins,cn=zimbra" > entry: write(=wrscxd) > > > > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
