[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: bdb panics with openldap
On Tuesday 03 June 2008 18:06:46 Govind c wrote:
> We have openldap
What version ?
> using the bdb has its database.For
> some reason the bdb had crashed complaining permission
> issue.
[...]
> May 13 16:04:40 ccc slapd[30372]: conn=12430 op=1 MOD
> noner=lastlogints lastaccessts authcookie
>
> May 13 16:04:40 ccc slapd[30372]: bdb(o=none.com):
> /var/lib/ldap/log.0000000002: log file open failed:
> Permission denied
>
> May 13 16:04:40 ccc slapd[30372]: bdb(o=none.com):
> PANIC: Permission denied
>
> May 13 16:04:40 ccc slapd[30372]: bdb(o=none.com):
> DB_ENV->log_put: 2: DB_RUNRECOVERY: Fatal error, run
> database recovery
>
> May 13 16:04:40 ccc slapd[30372]: bdb(o=none.com):
> /var/lib/ldap/log.0000000002: log file open failed:
> Permission denied
[...]
> -rw------- 1 ldap ldap 10485710 Apr 30 14:40
> log.0000000001
>
> -rw------- 1 root root 1827874 May 13 16:00
> log.0000000002
>
> -rw------- 1 ldap ldap 8192 Mar 20 11:50 mail.bdb
[...]
> The ldap is being run as user ldap
>
> Why should a modify cause a panic and not a search?
Transactions usually only occur when an entry is changed (added, deleted,
modified).
> Why
> did the rotated log had root as owner instead of
> ldap?
Since slapd is not running as root, it is impossible that slapd created the
transaction log.
> Is there a fix for this issue?
I think in some versions of OpenLDAP (2.1 to 2.2?) slapcat could incorrectly
incur a transaction. So, if slapcat was run as root on 13 May at 16:00, that
would be the cause. The fix would be to either upgrade, or to run your
slapcat as the ldap user.
If slapcat wasn't run on 13 May at 16:00, some other administration (slapadd?)
was run as root, and the permissions were not corrected before slapd was
started.
Regards,
Buchan