the default slapd.conf uses bdb but defines no checkpoints, therefore, if your system crashes, all of your data in your directory (at least since the last shutdown) is gone. Reproducible: Always Steps to Reproduce: 1. start slapd with deafault slapd.conf 2. add a ton of stuff to it 3. power off your machine 4. power your machine back on 5. cry. Actual Results: all of the data since the last 'clean' shutdown is gone. This is a bad thing. Expected Results: if nothing else, it should have had *SOME* of the updates you made. I would suggest adding the following line (or at least commenting it and describing its function) to the default slapd.conf: checkpoint 20 30 that will make slapd have a 'checkpoint' every 20 kilobytes written to the database, or every 30 minutes, whichever comes first. You might also add a couple of other commented entries for larger systems that might actually be doing 20 kilobytes all the time, or 30 minutes is too fast. http://sapiens.wustl.edu/~sysmain/info/openldap/openldap_configure_bdb.html has some more description about some sane default settings. http://www.openldap.org/faq/data/cache/893.html is some openldap.org documentation about bdb
this was reported almost 2 months ago.. I figured it would be a "oh yea, oops" and be in.. but I see nothing :) Shall I provide a patch to the slapd.conf file?
patches greatly accepted. I'm basically the only person handling openldap presently, and I've got a lot of other things on my plate too. For the most part, at the moment that means unless it breaks at work (where I've got gentoo deployed to ~20 servers), or I need something new at work/home, It's minor version bumps and the such only.
Created attachment 35911 [details, diff] patch to default slapd.conf to make the database more reliable. you must not ever have power outages or unexpected shutdowns then, as it does break then :) unified diff enclosed. Not sure if I would revbump or whatever, but I would think that you'd want this in the config file. I also added that bind_v2 be allowed, since I believe that's what squirrelmail uses with php and ldap. Enjoy.
my LDAP server has a redudnant power supply, the hardware is good and solid (after my own burn-in testing), makes use of 3ware RAID1, and i've got a big friggin UPS for the server room :-). i'll see about putting it in sometime tonight maybe.
the checkpoint statement is now used in cvs. I'm NOT putting the 'allow bind_v2' in place. If you have an old application that needs the backwards support of v2 binding, then you should enable it only for your configuration that needs it.