This may not be the politically correct thing to say here, but, it is my experience and YMMV.
BDB is very stable and reliable, once you get the right combination of
configuration figured out. There's lots of different things that need
to be set up to get BDB stable and many of them are less than obvious
in the installation process.
Running db_recover before EVERY startup is safe and, in my experience,
virtually necessary. If the shutdown was clean, db_recover will quickly
figure out that it doesn't have to do anything and move on.
Another important thing is to get DB_CONFIG set up correctly.
Here's my LDAP startup script which has been mostly stable:
#!/bin/bash
#
# ldap This shell script takes care of starting and stopping
# ldap servers (slapd and slurpd).
#
# chkconfig: - 39 61
# description: LDAP stands for Lightweight Directory Access Protocol, used \
# for implementing the industry standard directory services.
# processname: slapd
# config: /etc/openldap/slapd.conf
# pidfile: /var/run/slapd.pid
# Source function library.
. /etc/init.d/functions
# Source networking configuration and check that networking is up.
if [ -r /etc/sysconfig/network ] ; then
. /etc/sysconfig/network
[ ${NETWORKING} = "no" ] && exit 0
fi
# Source an auxiliary options file if we have one, and pick up OPTIONS,
# SLAPD_OPTIONS, and SLURPD_OPTIONS.
if [ -r /etc/sysconfig/ldap ] ; then
. /etc/sysconfig/ldap
fi
slapd=/usr/sbin/slapd
slurpd=/usr/sbin/slurpd
slaptest=/usr/sbin/slaptest
[ -x ${slapd} ] || exit 0
[ -x ${slurpd} ] || exit 0
RETVAL=0
function start() {
# Check for simple-but-common errors.
user=ldap
ldapuid=`id -u $user`
# Unaccessible database files.
for dbdir in `grep ^directory /etc/openldap/slapd.conf | sed
s,^directory,,` ; do
echo "Recovering in ${dbdir}"
/usr/sbin/slapd_db_recover -h "${dbdir}"
for file in `find ${dbdir}/ -not -uid $ldapuid -and \(
-name "*.dbb" -or -name "*.gdbm" -or -name "*.bdb" \)` ; do
echo -n $"$file is not owned by \"$user\"" ;
warning ; echo
done
done
# Check the configuration file.
echo -n $"Checking configuration files for $prog: "
$slaptest -f /etc/openldap/slapd.conf
RETVAL=$?
if test $RETVAL -eq 0 ; then
success
else
failure
exit 1
fi
# Start daemons.
chown -R ldap.ldap /var/lib/ldap
prog=`basename ${slapd}`
echo -n $"Starting $prog: "
if grep -q ^TLS /etc/openldap/slapd.conf ; then
daemon ${slapd} -u ldap -h '"ldap://<servername>/
ldaps://<servername>/"' \
$OPTIONS $SLAPD_OPTIONS
RETVAL=$?
else
daemon ${slapd} -u ldap -h "ldap:///"; $OPTIONS $SLAPD_OPTIONS
RETVAL=$?
fi
echo
if [ $RETVAL -eq 0 ]; then
if grep -q "^replogfile" /etc/openldap/slapd.conf; then
prog=`basename ${slurpd}`
echo -n $"Starting $prog: "
daemon ${slurpd} $OPTIONS $SLURPD_OPTIONS
RETVAL=$?
echo
fi
fi
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/ldap
return $RETVAL
}
function stop() {
# Stop daemons.
prog=`basename ${slapd}`
echo -n $"Stopping $prog: "
killproc ${slapd}
RETVAL=$?
echo
if [ $RETVAL -eq 0 ]; then
if grep -q "^replogfile" /etc/openldap/slapd.conf; then
prog=`basename ${slurpd}`
echo -n $"Stopping $prog: "
killproc ${slurpd}
RETVAL=$?
echo
fi
fi
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/ldap /var/run/slapd.args
return $RETVAL
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status ${slapd}
if grep -q "^replogfile" /etc/openldap/slapd.conf ; then
status ${slurpd}
fi
;;
restart)
stop
start
;;
condrestart)
if [ -f /var/lock/subsys/ldap ] ; then
stop
start
fi
;;
*)
echo $"Usage: $0 {start|stop|restart|status|condrestart}"
RETVAL=1
esac
exit $RETVAL
Here is my DB_DONRIG file:
# In Memory Cache Size
set_cachesize 0 8388608 0
# Database Flags
#set_flags DB_TXN_NOSYNC # Don't immediately flush txn logs.
Dangerous
# Log Values set_lg_regionmax 1048576 set_lg_max 10485760 set_lg_bsize 2097152 set_lg_dir /var/lib/ldap/bdb-logs # Temporary file location set_tmp_dir /tmp Hope that helps. Owen
pgpfiQx2HYIEb.pgp
Description: PGP signature
