(ITS#7840) bug with initial/seed syncrepl

Full_Name: Jephte CLAIN
Version: 2.4.39
OS: Debian 6 64bits
URL: http://jclain.fr/openldap-its/
Submission from: (NULL) (

I have scripts to test several replication scenarios, which set up the LDAP
environment then allow me to play with parameters as I see fit.

I believe that there is a bug with the "seed replication" that allows one to
build an exact clone of a master with minimal configuration on the slave side.

Note: the tests below require 2 VMs, or running the two slapd instances in
chroots, because a clone replica requires the data files to be in the same

I attach two scripts to replicate the problem. They require root (they use
This is with OpenLDAP 2.4.39 on Debian squeeze. Some paths may have to be fixed
in the scripts below.

Use jclain-20140419-0start.sh to:
- create an LDAP server to be served on ldap://localhost:3890
- start the master in chroot
  (the logs are in /jclain-slapd-test/master.data/slapd.log)
- create a seed ldap replica to be served on ldap://localhost:3891 with
ldap://localhost:3890 as the provider
- start it in chroot with option -c rid=0
  (the logs are in /jclain-slapd-test/slave.data/slapd.log)

Use jclain-20140419-1stop.sh to:
- stop the servers
- umount the chroots

If I understand the manual correctly, after 0start.sh, the replica should be
identical to the master thanks to -c rid=0.
BUT, the log on the replica says:

534d5481 dn_callback : new entry is older than ours cn=config ours
20140415154713.807278Z#000000#000#000000, new

And indeed, the seed entries are NOT overwritten.
I have to "touch" them on the master to force the replication.

I have uploaded the scripts to http://jclain.fr/openldap-its/

Thanks in advance.
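
Added example, not part of the original report or of OpenLDAP's code: a Python scan of a consumer's slapd.log for the `dn_callback : new entry is older than ours` message quoted above, listing each DN that was left unreplaced and how much newer the replica's CSN timestamp is than the provider's. Assumptions: the line continues with the provider's CSN after `new` (the excerpt above is cut off there, so those values in the sample are constructed), and the leading hex field is the log time in epoch seconds.

```python
import re
from datetime import datetime, timezone

# CSN layout: timestamp '#' change count '#' server ID '#' modification number
CSN = r"\d{14}\.\d{6}Z#[0-9a-fA-F]{6}#[0-9a-fA-F]{3}#[0-9a-fA-F]{6}"
LINE_RE = re.compile(
    r"^(?P<ts>[0-9a-f]{8}) dn_callback : new entry is older than ours "
    r"(?P<dn>.+) ours (?P<ours>" + CSN + r"), new (?P<new>" + CSN + r")\s*$"
)


def csn_time(csn):
    """Return the timestamp part of a CSN as an aware UTC datetime."""
    stamp = csn.split("#", 1)[0]
    parsed = datetime.strptime(stamp, "%Y%m%d%H%M%S.%fZ")
    return parsed.replace(tzinfo=timezone.utc)


def skipped_entries(log_lines):
    """One record per entry the consumer refused to overwrite."""
    records = []
    for line in log_lines:
        m = LINE_RE.match(line.strip())
        if m is None:
            continue  # not a "new entry is older than ours" line
        gap = csn_time(m["ours"]) - csn_time(m["new"])
        records.append({
            "logged_at": datetime.fromtimestamp(int(m["ts"], 16), tz=timezone.utc),
            "dn": m["dn"],
            "ours": m["ours"],
            "new": m["new"],
            "replica_newer_by_s": gap.total_seconds(),
        })
    return records


# Constructed sample: the "ours" CSN is the one from the report, every "new"
# CSN and the second DN are made up for illustration.
SAMPLE = [
    "534d5481 dn_callback : new entry is older than ours cn=config ours "
    "20140415154713.807278Z#000000#000#000000, new 20140415154650.123456Z#000000#000#000000",
    "534d5481 dn_callback : new entry is older than ours olcDatabase={0}config,cn=config ours "
    "20140415154713.807278Z#000000#000#000000, new 20140415154650.123456Z#000000#000#000000",
    "534d5481 slapd starting",
]

if __name__ == "__main__":
    for rec in skipped_entries(SAMPLE):
        print(rec["dn"], "replica CSN newer by", rec["replica_newer_by_s"], "s")
```

Every DN it reports is an entry where the consumer kept its own seed copy, which is the set that had to be "touched" on the master in the report.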