[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Corrupt LDAP DB ...

On Thursday 27 October 2005 18:23, C.Lee Taylor wrote:
> Greetings ...
> 	Thanks for you input ...
> Quanah Gibson-Mount wrote:
> > Try reading the man page specific to the BDB backend: slapd-bdb
> 	Thanks, found it.
> > RedHat's support of OpenLDAP has always been bad.  They have been the
> > absolute worst linux distro to run LDAP on using what they ship that
> > I've seen.
> 	Well, can't have everything for free and expect it to be perfect, where
> would the fun be in that ...

Whether you pay RedHat or not, you still get bad OpenLDAP packages.

Other distros have better packages for free (or for pay).

> > You aren't stopping slapd when you wipe your database?  That's really
> > bad.... And you need to stop slapd to run slapadd or to run db recovery.
> 	No, I don't need to stop slapd, because it's not in memory, as there is
> no pid and there are no files open for the LDAP DB ... I was just saying
> that by the time we see that LDAP has crash, it has crash ... We can't
> even start it up again.
> 	Then we move the DB dir to a backup location and create the complete DB
> structure from scratch,

When a simple db_recover might fix it instead?

> then import the LDAP DB by doing a slapadd and 
> then an slapindex just to make sure it's all in place. Then change owner
> and perms.  Then restart the LDAP server and all is well again for a few
> days ...
> > I highly suggest moving to 2.3, because it will take care of a number of
> > issues.  However, you seem to have a lack of the basic concepts
> > necessary to run an LDAP server, so I also suggest you do a bit of
> > reading.
> 	I would like to move to 2.3, and have been watching it's development
> for a while, as I did 2.1, and 2.2, but that did not put me off using them.
> 	I have been running OpenLDAP for a long time, and believe myself enough
> read to be able to mange my small setup, it's that the basic install of
> a FC/RH system does seem to have a problem, and that is why I have ask
> the people that use, if they have any ideas of what I might be doing
> wrong.

Using Fedora's default packages.

> I have searched the net to see if anyone else might have had 
> similar problems, but it's seem I'm the only bloke that can corrupt his
> LDAP DB without doing all his homework!?

No you aren't, this has been discussed a few times.

> 	I have found ways around this corruption, written a few scripts to
> backup, restore and sync the LDAP DB with little effort at the moment,
> but I don't believe that LDAP should just stop working for no reason I'm
> able to find at the moment.

If it is configured well (checkpoints, DB_CONFIG file) and started/stopped 
correctly, with database recovery when necessary, it won't.

BTW, the Mandriva init script runs database recovery when starting LDAP (but 
not when restarting it) by default. Debian can easily be configured to do so 
as well. Fedora doesn't seem to think it's important.

I didn't post the SRPM, because it is already mirrored around the world 
(rpmfind.net should find it), and all the packaging files are in CVS:



Buchan Milne
ISP Systems Specialist

Attachment: pgpWMUEDQtK4R.pgp
Description: PGP signature