Re: slapd goes <DEFUNCT> after random time (ITS#248)

[Kurt@OpenLDAP.org]

At 06:00 PM 8/10/99 GMT, michael_dwyer@traininglinks.com wrote:
>Full_Name: Michael Dwyer
>Version: 1.2.1 (libldap)
>OS: Linux 2.0.36/Slackware
>URL: 
>Submission from: (NULL) (204.133.237.210)
>
>
>After a seemingly random amount of time, the SLAPD server stops answering, and
>shows
>up in the process list as [<DEFUNCT>].  You can only -KILL it, as far as I can
>tell...

Under UNIX semantics, a process is considered defunct if it has exited
and has a parent which has not waited for it.  This is often referred
to as a zombie process.  The process has exited, signals sent to it
should have no effect.  The process will removed once the parent
either waits or exits.

You should look at the server log files for hints to why it shutdown.
Usually the entries associated with the last connection are enough.
If it's aborting due to a memory fault or such, I recommend configurating
your environment so that slapd can dump core.  If you do have a core
dump, a traceback would be useful (in conjunction with the log)
in diagnosing the problem.

This additional information (log of last connection + traceback)
can be submitted by e-mail (reply-all to this message).

>My current working theory is that my problems are somehow connected to SYN
>COOKIES.
>I usually see a LOT of suspected syn cookie attacks on the LDAP port.  This is
>on 
>my internal network, where nobody would be attacking me. They are most likely
>just
>reactions to the large number of connections that Netscape places on it.
>
>I'm going to try disabling syn cookies, and am reading up on it, but has anyone
>else seen this?

I think you are on a wild goose chase.  Your problem is much
more likely something quite simple.

>For that matter, I can't even figure out what "DEFUNCT" means!
>:)

man ps