moved from Incoming to Software Bugs
changed notes changed state Open to Test
Full_Name: Quanah Gibson-Mount Version: openldap master OS: Linux 2.6 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (75.111.58.125) As reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741248, slapacl when used with a base that is not contained in the OpenLDAP configuration can cause unclean DB messages. To reproduce, I had to disable the monitor database in my configuration, so that there was only the cn=config db and a primary BDB based backend. It also does not occur if the suffix for the database is "" (as that contains everything). If the suffix of the DB is specific(such as "cn=zimbra"), then you can cause the unclean shutdown status to trigger by running slapacl against a suffix that is not contained in the slapd configuration: zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F /opt/zimbra/data/ldap/config -b "cn=zimbraaaaa" -D "uid=zimbra,cn=admins,cn=zimbra" entry 5331d242 hdb_monitor_db_open: monitoring disabled; configure monitor database to enable 5331d242 hdb_db_open: database "cn=zimbra": unclean shutdown detected; attempting recovery. 5331d242 hdb_db_open: database "cn=zimbra": recovery skipped in read-only mode. Run manual recovery if errors are encountered. authcDN: "uid=zimbra,cn=admins,cn=zimbra" cn=zimbraaaaa: no target database has been found for baseDN="slapacl"; you may try with "-u" (dry run). zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F /opt/zimbra/data/ldap/config -b "cn=zimbra" -D "uid=zimbra,cn=admins,cn=zimbra" entry 5331d258 hdb_db_open: database "cn=zimbra": unclean shutdown detected; attempting recovery. 5331d258 hdb_db_open: database "cn=zimbra": recovery skipped in read-only mode. Run manual recovery if errors are encountered. 5331d258 hdb_monitor_db_open: monitoring disabled; configure monitor database to enable authcDN: "uid=zimbra,cn=admins,cn=zimbra" entry: write(=wrscxd) zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F /opt/zimbra/data/ldap/config -b "cn=zimbra" -D "uid=zimbra,cn=admins,cn=zimbra" entry 5331d262 hdb_db_open: database "cn=zimbra": unclean shutdown detected; attempting recovery. 5331d262 hdb_db_open: database "cn=zimbra": recovery skipped in read-only mode. Run manual recovery if errors are encountered. 5331d262 hdb_monitor_db_open: monitoring disabled; configure monitor database to enable authcDN: "uid=zimbra,cn=admins,cn=zimbra" entry: write(=wrscxd) Even running db_recover does not fix it: zimbra@zre-ldap001:~/data/ldap/hdb/db$ db_recover zimbra@zre-ldap001:~/data/ldap/hdb/db$ cd zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F /opt/zimbra/data/ldap/config -b "cn=zimbra" -D "uid=zimbra,cn=admins,cn=zimbra" entry 5331d350 hdb_db_open: database "cn=zimbra": unclean shutdown detected; attempting recovery. 5331d350 hdb_db_open: database "cn=zimbra": recovery skipped in read-only mode. Run manual recovery if errors are encountered. 5331d350 hdb_monitor_db_open: monitoring disabled; configure monitor database to enable authcDN: "uid=zimbra,cn=admins,cn=zimbra" entry: write(=wrscxd) After starting slapd, the db is properly cleaned up: zimbra@zre-ldap001:~$ ps -eaf | grep slapd zimbra 1655 1 3 12:05 ? 00:00:00 /opt/zimbra/openldap/sbin/slapd -l LOCAL0 -u zimbra -h ldap://zre-ldap001.eng.zimbra.com:389 ldapi:/// -F /opt/zimbra/data/ldap/config zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F /opt/zimbra/data/ldap/config -b "cn=zimbra" -D "uid=zimbra,cn=admins,cn=zimbra" entry authcDN: "uid=zimbra,cn=admins,cn=zimbra" entry: write(=wrscxd)
quanah@OpenLDAP.org wrote: > Full_Name: Quanah Gibson-Mount > Version: openldap master > OS: Linux 2.6 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (75.111.58.125) > > > As reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741248, slapacl > when used with a base that is not contained in the OpenLDAP configuration can > cause unclean DB messages. Fixed now in master > > To reproduce, I had to disable the monitor database in my configuration, so that > there was only the cn=config db and a primary BDB based backend. It also does > not occur if the suffix for the database is "" (as that contains everything). > > If the suffix of the DB is specific(such as "cn=zimbra"), then you can cause the > unclean shutdown status to trigger by running slapacl against a suffix that is > not contained in the slapd configuration: > > zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F > /opt/zimbra/data/ldap/config -b "cn=zimbraaaaa" -D > "uid=zimbra,cn=admins,cn=zimbra" entry > 5331d242 hdb_monitor_db_open: monitoring disabled; configure monitor database to > enable > 5331d242 hdb_db_open: database "cn=zimbra": unclean shutdown detected; > attempting recovery. > 5331d242 hdb_db_open: database "cn=zimbra": recovery skipped in read-only mode. > Run manual recovery if errors are encountered. > authcDN: "uid=zimbra,cn=admins,cn=zimbra" > cn=zimbraaaaa: no target database has been found for baseDN="slapacl"; you may > try with "-u" (dry run). > zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F > /opt/zimbra/data/ldap/config -b "cn=zimbra" -D "uid=zimbra,cn=admins,cn=zimbra" > entry > 5331d258 hdb_db_open: database "cn=zimbra": unclean shutdown detected; > attempting recovery. > 5331d258 hdb_db_open: database "cn=zimbra": recovery skipped in read-only mode. > Run manual recovery if errors are encountered. > 5331d258 hdb_monitor_db_open: monitoring disabled; configure monitor database to > enable > authcDN: "uid=zimbra,cn=admins,cn=zimbra" > entry: write(=wrscxd) > zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F > /opt/zimbra/data/ldap/config -b "cn=zimbra" -D "uid=zimbra,cn=admins,cn=zimbra" > entry > 5331d262 hdb_db_open: database "cn=zimbra": unclean shutdown detected; > attempting recovery. > 5331d262 hdb_db_open: database "cn=zimbra": recovery skipped in read-only mode. > Run manual recovery if errors are encountered. > 5331d262 hdb_monitor_db_open: monitoring disabled; configure monitor database to > enable > authcDN: "uid=zimbra,cn=admins,cn=zimbra" > entry: write(=wrscxd) > > Even running db_recover does not fix it: > > zimbra@zre-ldap001:~/data/ldap/hdb/db$ db_recover > zimbra@zre-ldap001:~/data/ldap/hdb/db$ cd > zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F > /opt/zimbra/data/ldap/config -b "cn=zimbra" -D "uid=zimbra,cn=admins,cn=zimbra" > entry > 5331d350 hdb_db_open: database "cn=zimbra": unclean shutdown detected; > attempting recovery. > 5331d350 hdb_db_open: database "cn=zimbra": recovery skipped in read-only mode. > Run manual recovery if errors are encountered. > 5331d350 hdb_monitor_db_open: monitoring disabled; configure monitor database to > enable > authcDN: "uid=zimbra,cn=admins,cn=zimbra" > entry: write(=wrscxd) > > After starting slapd, the db is properly cleaned up: > > zimbra@zre-ldap001:~$ ps -eaf | grep slapd > zimbra 1655 1 3 12:05 ? 00:00:00 /opt/zimbra/openldap/sbin/slapd > -l LOCAL0 -u zimbra -h ldap://zre-ldap001.eng.zimbra.com:389 ldapi:/// -F > /opt/zimbra/data/ldap/config > > zimbra@zre-ldap001:~$ /opt/zimbra/openldap/sbin/slapacl -F > /opt/zimbra/data/ldap/config -b "cn=zimbra" -D "uid=zimbra,cn=admins,cn=zimbra" > entry > authcDN: "uid=zimbra,cn=admins,cn=zimbra" > entry: write(=wrscxd) > > > > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
changed notes changed state Test to Release
fixed in master fixed in RE25 fixed in RE24
changed notes changed state Release to Closed