I'm running a syncrepl incl. chain OpenLDAP setup on 2 servers (slapd.conf files will be attached). When starting slapd on the slave with the current configuration the initscript reports the startup would be fine ([ ok]) while slapd isn't really running. The following log messages appear in /var/log/ldap.log: Jan 31 12:16:11 tickets slapd[2722]: @(#) $OpenLDAP: slapd 2.4.19 (Jan 26 2010 19:10:33) $ Jan 31 12:16:11 tickets slapd[2722]: sql_select option missing Jan 31 12:16:11 tickets slapd[2722]: auxpropfunc error no mechanism available Jan 31 12:16:11 tickets slapd[2722]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql Jan 31 12:16:11 tickets slapd[2722]: auxpropfunc error invalid parameter supplied Jan 31 12:16:11 tickets slapd[2722]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb Jan 31 12:16:11 tickets slapd[2723]: syncprov_db_open: invalid config, lastmod must be enabled Jan 31 12:16:11 tickets slapd[2723]: backend_startup_one (type=bdb, suffix="dc=COMPANY,dc=DE"): bi_db_open failed! (-1) Jan 31 12:16:11 tickets slapd[2723]: slapd stopped. /etc/init.d/slapd status reports [ crashed ] - while this is actually true, it should be catched far earlier as the "crash" happens upon starting the service due to a misconfiguration. The initscript (or start-stop-daemon) needs to catch this in a better way as it is fairly misleading. One's starting a service, the message is [ ok ] but the service is actually not running. While I'm actually working on a testing environment here, this would be really really bad on a production system. emerge -pv openldap: [ebuild R ] net-nds/openldap-2.4.19-r1 USE="berkdb crypt ipv6 overlays perl sasl ssl syslog tcpd -cxx -debug -experimental -gnutls -icu -iodbc -kerberos -minimal -odbc -samba (-selinux) -slp -smbkrb5passwd" 0 kB emerge --info: Portage 2.2_rc61 (default/linux/amd64/10.0, gcc-4.3.4, glibc-2.10.1-r1, 2.6.31-gentoo-r6 x86_64) ================================================================= System uname: Linux-2.6.31-gentoo-r6-x86_64-QEMU_Virtual_CPU_version_0.12.1-with-gentoo-2.0.1 Timestamp of tree: Thu, 28 Jan 2010 11:50:01 +0000 app-shells/bash: 4.0_p35 dev-lang/python: 2.6.4 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.6.0-r1 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.63-r1 sys-devel/automake: 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.27-r2 ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-O2 -pipe" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--keep-going --jobs=3" FEATURES="assume-digests distlocks fixpackages news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://gentoo.mneisen.org/ http://gentoo.supp.name/ http://de-mirror.org/distro/gentoo/" LANG="en_US.utf8" LDFLAGS="-Wl,-O1" MAKEOPTS="-j6" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage/layman/zugaina /usr/local/portage/layman/eliasp" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="acl amd64 apache2 berkdb bzip2 cli cracklib crypt cxx dri fortran gdbm iconv ipv6 jpeg ldap mmx modules mudflap multilib mysql ncurses nls nptl nptlonly openmp pam pcre perl png pppd python readline reflection session spl sse sse2 ssl sysfs tcpd truetype unicode vhosts xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa via vmware voodoo" Unset: CPPFLAGS, CTARGET, FFLAGS, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS Reproducible: Always Steps to Reproduce:
Created attachment 217981 [details] slapd.conf (Master)
Created attachment 217983 [details] slapd.conf (Slave)
Actually catching those is pretty hard as the server starts up properly then dies after some time... If you can offer some ideas, I'm willing to implement it
2.4.28-r1 now has slaptest during startup.