[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Slapd startup behavior when unable to bind to an interface
- To: openldap-devel@openldap.org
- Subject: Slapd startup behavior when unable to bind to an interface
- From: Quanah Gibson-Mount <quanah@zimbra.com>
- Date: Sat, 09 Jan 2016 15:48:12 -0800
- Content-disposition: inline
- Dkim-filter: OpenDKIM Filter v2.10.3 edge02.zimbra.com B8546A6201
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zimbra.com; s=C2AA288C-EE47-11E2-9BB0-E820BDD9BDBF; t=1452383304; bh=ERalKgJr7J3jsolGruP7NWVocT88Z5dQsu4dSR4n7Sw=; h=Date:From:To:Message-ID:MIME-Version; b=MfcEbtcApMczIx7CmuMfKACzCq5VUpVfRdaBtREoCIywlzvGZSBGWqSI67OURwml4 Z9JLEWVzYm57wHjIXOgGti4FUsmqv1rPQKpba50CSFEd2GVHKhu9NEedNf2JmrAiai vvsXjpPUVIOIly8ZxFFhutMib92bEYQGdS4bP1Kc=
Currently, slapd will start up even if it can't bind to an interface, if
more than one potential interface is given where the bind is successful.
This was, as best as Howard can recall, done because of ipv4/ipv6 issues on
some systems.
However, it seems to me that it should at least be possible to specify to
slapd that you do not want it to start up unless binding to all interfaces
is successful.
This is fairly trivial to reproduce. As a non-privileged user, simply do:
-h "ldap:// ldapi://slapd.sock"
It will fail to bind to 389, but bind to the LDAPI socket anyway, and
continue the startup process. This gives a false result that slapd started
successfully, although clearly external clients will be unable to talk to
it.
--Quanah
--
Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration