[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: time limit on non-idle connections?

It seems to me that a klugey workaround would be to issue a HUP (assuming
gentlehup is on), wait for niceguytimelimit, and then issue an INT if
slapd is still running.

The gentlehup section of the slapd.conf man page implies that this is
safe.  I wasn't sure how slapd would handle two termination signals...  I
presume this is still a safe shutdown?

Trivial as this approach would be, is there something more... elegant?

On Tue, 8 Mar 2005, Eric Irrgang wrote:

>I'd like to shut down my individual load-balanced ldap servers gently so
>that well-behaved users don't see errors by getting kicked off, but it
>seems that there are some evil clients creating persistent connections by
>reissuing a SRCH base="" scope=0 deref=0 filter="(objectClass=*)" just
>under the idletimeout.  The only other time limit I see that I can
>configure is timelimit which, according to the man page, specifies the
>"maximum number of seconds (in real time) slapd  will  spend  answering  a
>search  request"
>Is there a way with OpenLDAP 2.2.23 to enable gentlehup and still be able
>to guarantee that the server will eventually close all connections and
>shut down one way or the other?
>Eric Irrgang - UT Austin ITS Unix Systems - (512)475-9342

Eric Irrgang - UT Austin ITS Unix Systems - (512)475-9342