You have been subscribed to a public bug:
I have set up a Xeon-based server with a number of Subversion
repositories, served through libmod-dav_svn on apache2, and using
OpenLDAP to provide directory and authentication services.
Now for simple queries, for instance from a Windows desktop using
TortoiseSVN, there is no problem with this. In fact it works
beautifully. However when doing a more complex query involving multiple
rapid accesses it causes all the free apache threads to be consumed,
which all appear to be stuck in a loop waiting for a response from
slapd, which has already been given. The Subversive plugin for Eclipse
seems to cause this nearly every time.
Here's the kicker: when I turned on logging in slapd using loglevel 256
(for example), the problem goes away. Could it be that the request for
info is fired off, then slapd responds before mod-dav_svn is ready for
the response, whereas if it is slowed down by logging, the Apache module
is ready in time? I'd have expected some sort of pipeline in there, but
who knows?
Here's slapd.conf:
# This is the main slapd configuration file. See slapd.conf(5) for more
# info on the configuration options.
#######################################################################
# Global Directives:
# Features to permit
#allow bind_v2
# Schema and objectClass definitions
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/misc.schema
TLSCACertificateFile /etc/ldap/cacert.pem
TLSCertificateFile /etc/ldap/servercrt.pem
TLSCertificateKeyFile /etc/ldap/serverkey.pem
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel 256
modulepath /usr/lib/ldap
moduleload back_hdb
tool-threads 1
sizelimit 500
backend hdb
database hdb
suffix "dc=netdb,dc=cark,dc=com"
rootdn "cn=admin,dc=netdb,dc=cark,dc=com"
rootpw passwerd
directory "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
index cn,sn,uid pres,eq,sub
index objectClass eq
lastmod on
checkpoint 512 30
replogfile /var/lib/ldap/replog
access to attrs=userPassword,shadowLastChange
by dn="cn=admin,dc=netdb,dc=cark,dc=com" write
by anonymous auth
by self write
by * none
access to *
by dn="cn=admin,dc=netdb,dc=cark,dc=com" write
by * read
And here's the setup for the repos:
LDAPTrustedGlobalCert CA_BASE64 /etc/apache2/cacert.pem
NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin [EMAIL PROTECTED]
ServerName netdb.cark.com
SSLEngine On
SSLCACertificateFile /etc/apache2/cacert.pem
SSLCertificateFile /etc/apache2/servercrt.pem
SSLCertificateKeyFile /etc/apache2/serverkey.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
LDAPTrustedMode TLS
<Location /svn>
Order allow,deny
Allow from all
SSLRequireSSL
DAV svn
SVNParentPath /home/svn/
SVNListParentPath on
AuthType Basic
AuthName "Subversion Repository"
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPUrl
ldap://netdb.cark.com:389/ou=People,dc=netdb,dc=cark,dc=com?uid?sub TLS
AuthLDAPGroupAttribute uniqueMember
AuthLDAPGroupAttributeIsDN on
Require ldap-group cn=subversion,ou=Group,dc=netdb,dc=cark,dc=com
# Other testing with files
# AuthUserFile /etc/apache2/svn_passwd
# AuthzSVNAccessFile /etc/apache2/svn_access
# Require valid-user
</Location>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit, alert,
emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: New
** Tags: apache2 dav-svn hardy slapd svn
--
If many queries come in too quickly, apache2 freezes.
https://bugs.edge.launchpad.net/bugs/234367
You received this bug notification because you are a member of Ubuntu Server
Team, which is subscribed to apache2 in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
