--On Tuesday, March 29, 2005 11:33 AM -0800 Howard Chu <firstname.lastname@example.org> wrote: > Owen DeLong wrote: > >> I'm seeing this problem also, using openldap version 2.2.23. In my case, >> clearing things up requires the following steps: >> >> service ldap stop >> /usr/sbin/slapd_db_recover -h /var/lib/ldap >> service ldap start >> chown -R ldap.ldap /var/lib/ldap >> service ldap start >> >> For some reason, the db_recover deletes: >> -rw------- 1 ldap ldap 16384 Mar 28 22:22 __db.001 >> -rw------- 1 ldap ldap 278528 Mar 28 22:22 __db.002 >> -rw------- 1 ldap ldap 98304 Mar 28 22:22 __db.003 >> -rw------- 1 ldap ldap 450560 Mar 28 22:22 __db.004 >> -rw------- 1 ldap ldap 24576 Mar 28 22:22 __db.005 >> >> and the first service ldap start creates them owned by root, then, ldap >> dies because they are owned by root and not ldap. The second service >> ldap start starts the ldap daemon. >> >> > As the OpenLDAP project does not provide start/stop scripts, this is an > issue for you to take up with whoever packaged the version you're using, > or whoever wrote your service start script. > Not really... The script simply runs the following two commands: /usr/sbin/slaptest -f /etc/openldap/slapd.conf daemon /usr/sbin/slapd -u ldap -h '"ldap://<myhost>/ ldaps://<myhost>/"' There's some other stuff that provides pretty wrapping for the display, but, nothing else that would affect /var/lib/ldap. I suspect that the slaptest is creating these files. Sure enough, it is. No mention of a -u argument for slaptest, so, that is the source of the problem. >> I don't know about idlcachesize... What is a reasonable value to put >> there? It is not documented or even mentioned in my slapd.conf(5) >> manpage. Is it new to 2.2.24? >> >> > The idlcachesize setting was introduced in 2.1.10 and has been in the > slapd-bdb(5) manpage ever since. > Got it... I've learned something... That looks like a very useful manpage that I didn't even know existed. :-( Owen -- If it wasn't crypto-signed, it probably didn't come from me.
Description: PGP signature