[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Corrupt LDAP DB ...

lau den 05.11.2005 Klokka 20:38 (-0400) skreiv Jose Ildefonso Camargo


> I use Red Hat, but I use the Mandriva packages (which I maintain)
> rebuilt on Red Hat (RHEL3 and RHEL4, our RHEL2.1 boxen still have
> packages based on the RH 2.0.27 packages from RHEL3 but heavily
> modified). My 2.3.11 packages for RHEL are available ...

Yep, but that makes you loose the "warranty" over the packages. As I
said: I don't use RedHat since version 8.0 (RedHat 8.0) and I tried
Fedora Core 1 and 2, then I decided no to waste my time using them. RHEL gives a "warranty" over the binaries, but only if you use the
"repository" packages, when you install a 3th party package, you loose
the warranty over the packages you replace and the packages wich
depends on them.


There is no "warranty" (whatever that might mean) for any Fedora
package. You use Fedora for anything, you're on your own, Fedora should
never be used for serious production, it's for the birds. If you use
any 3rd party package, the Fedora people obviously can't help you. But
that's what you're there for, yes?


> > , I have had
> > databases that crash without being updated, just power up, and
> > shutdown (cleanly), I have a quite stable Debian system now, but It
> > took some time to get there, my gentoo box keeps trashing the BDB
> > (with the same DB_CONFIG and data).
> This sounds very much like your slapd is being stopped badly, and not
> having database recovery run for its databases.

Please, read correctly: clean shutdowns (exit with signal 15, not 9,
nor power fail, nor system crash).  I have had this problem even with
a "no shutdown" database, just sit there, an uptime of 23 days, and
then you have some database problems, I have experienced this
(recently) in gentoo, at the moment debian sarge is just fine.  This
is most likely caused by "locks", or something like that (the thing is
that, when you take a look at the DB locks, you are not out of locks!,
but then you shutdown openldap and run db_recovery, and everything
works fine again).

I've been running source code OL 2.2.17/patched BDB 4.2.52 on IBM X86 eSeries hardware, 4 servers, with RHAS3 with a 1150+ user base that uses it for LTSP (Linux Terminal Server Project), Samba 3 and smtp and IMAP e-mail for well over a year with not a single glitch, ever. BDB is as strong as an ox. But then, the underlying system is, as well.

> Note that 2.3.x recovers databases at startup, but for 2.1.x and 2.2.x
> manual db_recover is needed if it is likely that slapd could not
> cleanly close all its databases. Debian's init script does this (I
> think you may have to configure it to do so in /etc/default/slapd),
> Mandriva's init script does this by default for 2.2.x (can't remember
> for old 2.1.x packages).

Once again, read completly, I have already said that Debian Sarge's
OpenLDAP works just fine.  I was playing around with gentoo, and just
saw that problem, and i'm trying to isolate it (just to contribute
with an usefull bug report).

Ok, I think this went off-topic enough.

I like OpenLDAP, that's why I'm using it, but Berkley DB have been an
issue since the first time I used OpenLDAP, and it was out of the docs
for a very long time.  I'm glad that it is there now, and that
OpenLDAP is becoming a more stable directory every day.

There are few who know about producing stable OpenLDAP systems on Linux as Buchan. It's a lot of of his life, which is why I sought my solace in his expertise - after looking at others'. Most likely also your Debian and Gentoo people. 2 of the four servers I quoted above are now running rpmed OL 2.3.11 (thanks to Buchan) on RHAS4; the mail and master OL server continues on RHAS3 with source-built OL 2.2.17, since it's proved so stable over a year and reinstalling rpmed RHAS4 with latest Postfix, Courier and OpenLDAP would have cost me more time than the 2 days I had available. Though they're all running fine on my RHAS4 test server.

Summing up: There's nothing wrong with patched BDB 4.2.52. Thousands,
literally, of users will affirm this. If you've had problems, these have
been due to your own wrongly chosen infrastructure. As for Red Hat
support on software that I choose to install that's other than theirs,
forget it. But that's what I'm there for, yes?

Oh, and OL 2.3 is a real eye-opener after 2.2, fantastic. Rather than
turning your back on it because "it isn't supported" on your chosen
distros, take a look at it and what it's complexity (no, it's not
simple) can do for you. I can tell you that Buchan's designed his
implementation of it nearly perfectly.


Mail: tonye@billy.demon.nl