[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Help me. Slapd die.
On Thu, Mar 01, 2007 at 04:56:36PM +0100, Hallvard B Furuseth wrote:
> > loglevel -1 - has not given the infornation.
> > Slapd - die silent. :(
>
> loglevel in slapd.conf goes to syslog. It needs to be enabled
> with something like
Sorry - i was expressed incorrectly.
debug.log write successeful - but i not found
any intelligent information. :(
Full absence of symptoms.
> # OpenLDAP local4.* /var/log/openldap.log
> in /etc/syslog.conf. (After that change, restart syslogd with kill
> -HUP).
>
> However, for testing you can intead just do
> slapd -h ldap://localhost:3890/ -d -1
> Does the end of that output say something useful?
Heh - l have like this:
---------------------------------------------------------------------------
Mar 1 18:08:44 attacker slapd[1615]: @(#) $OpenLDAP: slapd 2.3.34 (Mar 1 2007 11:48:34) $ paul@attacker.dgb.local:/usr/ports/net/openldap23-server/work/openldap-2.3.34/servers/slapd
Mar 1 18:08:44 attacker slapd[1615]: >>> dnNormalize: <cn=Subschema>
Mar 1 18:08:44 attacker slapd[1615]: <<< dnNormalize: <cn=subschema>
Mar 1 18:08:44 attacker slapd[1615]: matching_rule_use_init
Mar 1 18:08:44 attacker slapd[1615]: 1.2.840.113556.1.4.804 (integerBitOrMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey ) )
Mar 1 18:08:44 attacker slapd[1615]: 1.2.840.113556.1.4.803 (integerBitAndMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey ) )
Mar 1 18:08:44 attacker slapd[1615]: 1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( altServer $ mail $ dc $ associatedDomain $ email ) )
Mar 1 18:08:44 attacker slapd[1615]: 1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( altServer $ mail $ dc $ associatedDomain $ email ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.35 (certificateMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.35 NAME 'certificateMatch' APPLIES ( userCertificate $ cACertificate ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.34 (certificateExactMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.34 NAME 'certificateExactMatch' APPLIES ( userCertificate $ cACertificate ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.30 (objectIdentifierFirstComponentMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ ldapSyntaxes $ supportedApplicationContext ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.29 (integerFirstComponentMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.29 NAME 'integerFirstComponentMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.27 (generalizedTimeMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.27 NAME 'generalizedTimeMatch' APPLIES ( createTimestamp $ modifyTimestamp ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.24 (protocolInformationMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.24 NAME 'protocolInformationMatch' APPLIES protocolInformation )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.23 (uniqueMemberMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemberMatch' APPLIES uniqueMember )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.22 (presentationAddressMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.22 NAME 'presentationAddressMatch' APPLIES presentationAddress )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.20 (telephoneNumberMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.20 NAME 'telephoneNumberMatch' APPLIES telephoneNumber )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.17 (octetStringMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.17 NAME 'octetStringMatch' APPLIES userPassword )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.16 (bitStringMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatch' APPLIES x500UniqueIdentifier )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.14 (integerMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.13 (booleanMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' APPLIES ( hasSubordinates $ olcGentleHUP $ olcLastMod $ olcReadOnly $ olcReverseLookup $ olcSpNoPresent $ olcSpReloadHint $ olcDbNoSync $ olcDbDirtyRead $ olcDbLinearIndex ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.11 (caseIgnoreListMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.11 NAME 'caseIgnoreListMatch' APPLIES ( postalAddress $ registeredAddress ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.8 (numericStringMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.8 NAME 'numericStringMatch' APPLIES ( x121Address $ internationaliSDNNumber ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.7 (caseExactSubstringsMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.6 (caseExactOrderingMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.6 NAME 'caseExactOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.5 (caseExactMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcSizeLimit $ olcSrvtab $ olcSubordinate $ olcSyncrepl $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLS!
CertificateFile $ olcTLSCertificateKeyF
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.4 (caseIgnoreSubstringsMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.3 (caseIgnoreOrderingMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.2 (caseIgnoreMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcSizeLimit $ olcSrvtab $ olcSubordinate $ olcSyncrepl $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTL!
SCertificateFile $ olcTLSCertificateKey
Mar 1 18:08:44 attacker slapd[1615]: 1.2.36.79672281.1.13.3 (rdnMatch):
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.1 (distinguishedNameMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.1 NAME 'distinguishedNameMatch' APPLIES ( creatorsName $ modifiersName $ subschemaSubentry $ namingContexts $ aliasedObjectName $ distinguishedName $ seeAlso $ olcDefaultSearchBase $ olcRootDN $ olcSchemaDN $ olcSuffix $ olcUpdateDN $ member $ owner $ roleOccupant ) )
Mar 1 18:08:44 attacker slapd[1615]: 2.5.13.0 (objectIdentifierMatch):
Mar 1 18:08:44 attacker slapd[1615]: matchingRuleUse: ( 2.5.13.0 NAME 'objectIdentifierMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ supportedApplicationContext ) )
Mar 1 18:08:44 attacker slapd[1616]: slapd startup: initiated.
Mar 1 18:08:44 attacker slapd[1616]: backend_startup_one: starting "cn=config"
Mar 1 18:08:44 attacker slapd[1616]: config_back_db_open
Mar 1 18:08:44 attacker slapd[1616]: config_build_entry: "cn=config"
-----------------------------------------------------------------------------
>
> --
> Regards,
> Hallvard
>
--
Paul Shevtsov <> 380-62-3327312
<Dongorbank> <> paul@dongorbank.com