<quote who="Andreas Hasenack"> > On Fri, Aug 18, 2006 at 06:31:16PM +0100, Gavin Henry wrote: >> Dear all, >> >> On the 15th this happened and about half an hour ago too: >> >> Aug 18 17:49:02 server1 slapd[653]: <= bdb_equality_candidates: >> (sambaGroupType) index_param failed (18) >> Aug 18 17:49:02 server1 slapd[653]: bdb_db_cache: db_open(sambaSIDList) >> failed: Permission denied (13) >> Aug 18 17:49:02 server1 slapd[653]: <= bdb_equality_candidates: >> (sambaSIDList) index_param failed (13) >> Aug 18 17:49:02 server1 slapd[653]: bdb_db_cache: db_open(sambaSIDList) >> failed: Permission denied (13) >> Aug 18 17:49:02 server1 slapd[653]: <= bdb_equality_candidates: >> (sambaSIDList) index_param failed (13) >> Aug 18 17:49:02 server1 slapd[653]: bdb_db_cache: db_open(sambaSIDList) >> failed: Permission denied (13) >> Aug 18 17:49:02 server1 slapd[653]: <= bdb_equality_candidates: >> (sambaSIDList) index_param failed (13) > > The user under which the slapd daemon is running has no read/write > access to the index files. > >> Aug 18 17:49:02 server1 slapd[653]: bdb(dc=example,dc=com): unlink: >> /usr/local/var/openldap-data/log.0000000002: Permission denied > > Likely a db_checkpoint or recover was run as root while the slapd daemon > runs as another user that cannot read/write to the transaction log file.
It all runs as ldap, via the init script. The only thing that changes perms is when this crashes and I run db_recover as root, then I chown ldap:ldap, as it won't start otherwise, obviously. > >> cd /usr/local/var/openldap-data >> /usr/local/BerkleyDB4.2/bin/db_recover >> chown ldap:ldap * >> >> Fixes it and gets back to normal. >> >> Any tips for how to debug this? > > You or someone else probably forgot the chown part when running > db_recover. See above. What user would do the auto log removes? AS we have this set in DB_CONFIG: set_flags DB_LOG_AUTOREMOVE Thanks. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E [EMAIL PROTECTED] Open Source. Open Solutions(tm). http://www.suretecsystems.com/
