[Date Prev][Date Next]
RE: Centralized LDAP Authentication or Kerberos+LDAP Authentication
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org [mailto:owner-openldap-
> software@OpenLDAP.org] On Behalf Of Rich Graves
> Sent: Sunday, August 22, 2004 4:35 PM
> To: openldap-software@OpenLDAP.org
> Subject: Re: Centralized LDAP Authentication or Kerberos+LDAP
> On Mon, 23 Aug 2004, Tony Earnshaw wrote:
> > > Your init script, like redhat's, stops the server with kill -9.
> > RedHat's init procedure does *not*, unless something's seriously wrong
> > with the proggie's init procedure.
> > Please read RedHat's /etc/rc.d/init.d/functions yet again and look for
> > the function 'killproc'.
> Yes. Upon rereading, it's not as bad as I thought, but still has a
> potential problem.
> It allows 5 seconds for TERM to work and then runs KILL.
No, there's a problem there. Five seconds is _way_ too short. Consider that
the Berkeley DB has to flush all of the unwritten transactions to disk, and
that can take a while. The shutdown scripts we ship all give slapd 30
seconds to complete its shutdown and we recommend 60 seconds or more for
Packaged, certified, and supported LDAP distributions
powered by OpenLDAP: http://www.symas.com