Full_Name: Emmanuel Duru Version: 2.4.11 OS: Windows URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (80.78.0.137) I am starting OpenLDAP with -f slapd.conf -F /path/configdir to convert my configuration to LDIF, including customized schema. My customized schema is split in several files. Sometimes, the attributes defined in one of these files are not generated in the configdb LDIF files (the cn={n}xx.ldif file in the /path/configdb/cn=config/cn=schema directory does not contain any olcAttributeTypes values, though it contains the corresponding olcObjectClasses attributes). After several tests, the problem seems to come from an attribute with Certificate syntax: as soon as one xx.schema file contains such an attribute, the corresponding {n}xx.ldif file does not contain any olcAttributeTypes attribute). This works with core.schema (usercertificate for example), but I can't see any difference with my certificate attribute.
Can you post a slapd.conf and the necessary file files which cause this? Or an URL to them? Remember to remove passwords. Since you say slapd won't restart, I assume it does start the first time. When slapd starts up and writes such a bad schema directory, do the missing attributes show up with ldapsearch... ...in olcAttributeTypes in cn={n}filename,cn=schema,cn=config? ...in attributeTypes in cn=subschema with search scope = base? -- Hallvard
Here is a test slapd conf file, with a test schema. Put the test.schema in schema subdirectory, together with standard schema files. Run slapd -f slapdTest.conf -F /path/configdb Slapd starts and can be accessed this time, all is fine. But when restarting with the configdb only, it does not start: olcObjectClasses: value #0 olcObjectClasses: AttributeType not found: "mailHost" config error processing cn={3}test,cn=schema,cn=config: olcObjectClasses: AttributeType not found: "mailHost" and the /path/configdb/cn=config/cn=schema/cn={3}test.ldif contains this: dn: cn={3}test objectClass: olcSchemaConfig cn: {3}test olcObjectClasses: {0}( 1.2.250.1.49.4406.0.6.1 NAME 'museIncr2' SUP top AUXILI ARY MAY ( uid $ manager $ employeeNumber $ departmentNumber $ mailHost $ intr acedUid $ source $ userCertificateIGCG $ modifiedTimestampSource ) ) structuralObjectClass: olcSchemaConfig entryUUID: c28d5168-40ed-4af9-8583-a02786da8bc8 creatorsName: cn=config createTimestamp: 20081020124051Z entryCSN: 20081020124051.109000Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20081020124051Z > -----Message d'origine----- > De : Hallvard Breien Furuseth [mailto:h.b.furuseth@usit.uio.no] > Envoyé : lundi 20 octobre 2008 14:32 > À : emmanuel.duru@atosorigin.com > Objet : Re: (ITS#5755) Schema file not always converted to LDIF and > slapdwon't restart Can you post a slapd.conf and the necessary file files which cause this? Or an URL to them? Remember to remove passwords. Since you say slapd won't restart, I assume it does start the first time. When slapd starts up and writes such a bad schema directory, do the missing attributes show up with ldapsearch... ...in olcAttributeTypes in cn={n}filename,cn=schema,cn=config? ...in attributeTypes in cn=subschema with search scope = base?> > h.b.furuseth@usit.uio.no writes: > > Can you post a slapd.conf and the necessary file files > > Eh. I mean the necessary schema files, of course. > > -- > Hallvard
The missing attributes appear in attributeTypes in cn=subschema. I can't perform a search on cn=config because I have not set rootdn for cn=config yet (I have to do it in the ldif file and restart slapd, but it doesn't restart...) > -----Message d'origine----- > De : Hallvard Breien Furuseth [mailto:h.b.furuseth@usit.uio.no] > Envoyé : lundi 20 octobre 2008 14:30 > À : emmanuel.duru@atosorigin.com > Cc : openldap-its@openldap.org > Objet : Re: (ITS#5755) Schema file not always converted to LDIF and slapd > won'trestart > > Can you post a slapd.conf and the necessary file files which cause > this? Or an URL to them? Remember to remove passwords. > > Since you say slapd won't restart, I assume it does start the first > time. When slapd starts up and writes such a bad schema directory, > do the missing attributes show up with ldapsearch... > ...in olcAttributeTypes in cn={n}filename,cn=schema,cn=config? > ...in attributeTypes in cn=subschema with search scope = base? > > -- > Hallvard
The problem is the 8-bit Latin-1 character in the certificate's DESC. It works if you convert the schema file to UTF-8. Slapd should have refused to start with a non-UTF-8 attribute DESC. Possibly that should wait for OpenLDAP 2.5 though, and just log a warning for now. -- Hallvard
moved from Incoming to Software Bugs
I wrote: > Possibly that should wait for OpenLDAP 2.5 though, and just log a > warning for now. ...though -f file -F dir should fail, of course. -- Hallvard
h.b.furuseth@usit.uio.no wrote: > I wrote: >> Possibly that should wait for OpenLDAP 2.5 though, and just log a >> warning for now. > > ...though -f file -F dir should fail, of course. Splitting these two behaviors isn't possible. The same config_build_entry() function is called in both cases; once the error is detected and config_build_entry() fails, the startup will fail. Remember that the full cn=config tree is always assembled in memory, even if you don't use a persistent copy in the filesystem. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
changed notes changed state Open to Test
OK this works. My mistake, the concerned character is in fact a Windows character (CP1252) I hadn't noticed when I converted my schema to a text file. > -----Message d'origine----- > De : Hallvard Breien Furuseth [mailto:h.b.furuseth@usit.uio.no] > Envoyé : lundi 20 octobre 2008 19:39 > À : Emmanuel Duru > Cc : openldap-its@OpenLDAP.org > Objet : RE: (ITS#5755) Schema file not always converted to LDIF and > slapdwon't restart > > The problem is the 8-bit Latin-1 character in the certificate's DESC. > It works if you convert the schema file to UTF-8. > > Slapd should have refused to start with a non-UTF-8 attribute DESC. > Possibly that should wait for OpenLDAP 2.5 though, and just log a > warning for now. > > -- > Hallvard
emmanuel.duru@atosorigin.com wrote: > OK this works. > My mistake, the concerned character is in fact a Windows character (CP1252) > I hadn't noticed when I converted my schema to a text file. With the patch in HEAD your schema file now yields: config_build_attrs: error 21 on olcAttributeTypes value #3 config_build_entry: build "cn={0}test" failed: "" backend_startup_one: bi_db_open failed! (-1) slapd stopped. Probably we should be detecting this problem earlier, when parsing slapd.conf, instead of when generating the cn=config entries. >> -----Message d'origine----- >> De : Hallvard Breien Furuseth [mailto:h.b.furuseth@usit.uio.no] >> Envoyé : lundi 20 octobre 2008 19:39 >> À : Emmanuel Duru >> Cc : openldap-its@OpenLDAP.org >> Objet : RE: (ITS#5755) Schema file not always converted to LDIF and >> slapdwon't restart >> >> The problem is the 8-bit Latin-1 character in the certificate's DESC. >> It works if you convert the schema file to UTF-8. >> >> Slapd should have refused to start with a non-UTF-8 attribute DESC. >> Possibly that should wait for OpenLDAP 2.5 though, and just log a >> warning for now. >> >> -- >> Hallvard > > > > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
changed notes changed state Test to Release
changed notes changed state Release to Closed
fixed in HEAD fixed in RE24