[Date Prev][Date Next]
Re: Corrupt LDAP DB ...
- To: OpenLDAP software list <openldap-software@OpenLDAP.org>
- Subject: Re: Corrupt LDAP DB ...
- From: Jose Ildefonso Camargo Tolosa <firstname.lastname@example.org>
- Date: Fri, 4 Nov 2005 21:08:27 -0400
- Content-disposition: inline
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=U9q00BtDapPA5lzwtxJyTPbKYXE3TJxXWX1IJo1hsqSwSGRMqnpkafLFahjcP7grltFHh4TZlv2Nx0+SsZTcseRgxkLzhcp6wJjlEr2Z1vhNwS6ibsAikN84k7wRNh7K+o1niwUlynI26p4H71xNWPFkVglF7QcxHXMP0q5pfpU=
- In-reply-to: <5311E380A4250B276C2014B5@10.0.0.1>
- References: <4360CDAB.email@example.com> <AB7B07F087D1817BBF914305@cadabra-dsl.stanford.edu> <4360FF16.firstname.lastname@example.org> <email@example.com> <firstname.lastname@example.org> <email@example.com> <4365C477.firstname.lastname@example.org> <B33341F7DCD84D3E4DFD7886@192.168.1.3> <4367318F.email@example.com> <5311E380A4250B276C2014B5@10.0.0.1>
On 11/1/05, Quanah Gibson-Mount <firstname.lastname@example.org> wrote:
> --On Tuesday, November 01, 2005 11:12 AM +0200 "C.Lee Taylor"
> <email@example.com> wrote:
> > Seeing that quite a few people have a similar problem, this might mean
> > there is serious fault or flaw somewhere. I don't hear any of the
> > commercial directory services explaining that there product is know not
> > to run out of the box, I don't think that is sane. None of the online
> > documentation like the quick start guide or admin doc for 2.2 seems to
> > mention the DB_Config. The FAQ does, but for somebody whom wish to take
> > OpenLDAP for a spin, might give up of OpenSourceSoftware, because it
> > crash with the default install.
> DB_CONFIG is specific to the BDB software package, which is not controlled
> or distributed by the OpenLDAP project. As with anything, you as the
> administrator should know and understand the basic workings of all the
> software packages involved, not just OpenLDAP. This general concept
> applies to many software packages, commercial or otherwise. If you install
> something that requires the Oracle DB backend, there is an assumption that
> you have a DBA who understands how to create and configure Oracle Databases
> around. This is no different.
I think it is. OpenLDAP almost depends on Berkley DB, so it should
give some info in the "general" documentation (there is info, in the
FAQ-o-matic), or at least warn about how fragile BDB is.
If you install PostgreSQL, you will get a robust database with almost
no extra configuration, it is not the same with berkley, you need to
configure the "DB enviroment", wich is in part done by OpenLDAP the
first time it opens the DB enviroment, and the DB_CONFIG is
database-specific, there is not a "global DB_CONFIG", you have to
create a DB_CONFIG for each database you create, and it will depend on
the use of the DB. I think that OpenLDAP should ship with an example
DB_CONFIG, and describe for wich "directory size" is that suited.
> And the major point here, is that your problems stem from two things:
> 1) Using RedHat's distribution of OpenLDAP which is *known* to have
> problems, and that is the fault of the distributor, not OpenLDAP
I don't use RedHat, and I don't recoment it's use. I'm using Debian
and Gentoo. From these, only Debian (sarge) have a stable
> 2) A lack of basic sys admin skills on your part
BDB administration is not that basic. But I agree with you, one need
to read a lot before implementing something, but, by the time I
started using OpenLDAP, there was a lack of documentation on what
respect to the "fragility" of BDB, and the need to config a DB
enviroment (come on, you *need* to configure the DB enviroment, and
that's not in the quick start guide, nor in the admin guide).
> Now you can attribute that to 'lack of documentation' and other stuff all
> you want. The fact is, your problems do not stem from the OpenLDAP
> project, or a lack of documentation. And yes, you emailed the list to get
> help, which was provided to you, and which for quite some time you decided
> to ignore. And at this point, I'm through with this discussion.
I agree on this, I have got help on this list, and I have listen to
them, and implemented their advices (wich have solved most of my
problems) but I think that one should be worring about other things
than the "directory DB"....... I would like to be able to configure
OpenLDAP with BDB backend to be as stable as PostgreSQL. I have
configured PostgreSQL databases wich have run without human
intervention for over two years, but with berkley, I have had
databases that crash without being updated, just power up, and
shutdown (cleanly), I have a quite stable Debian system now, but It
took some time to get there, my gentoo box keeps trashing the BDB
(with the same DB_CONFIG and data).