[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: requesting clarification of slapd.conf-versus-slapd.d configuration

Okay... Maybe I should be asking instead what you consider "best practice"
for maintaining a configuration with OL2.3.  At this point it sounds like
every change to slapd.conf warrants removal of both slapd.d and DB_CONFIG.
That's fine, if maintaining configuration in slapd.conf is the way to go,
though it is a little tedious to try to confirm that changes made to
cn=config while running get made in exactly the same way to slapd.conf.
And as you have said explicitly, that is not the intended way to go.

... Which brings me back to my real question of how to best backup and
restore the configuration.  I can't get "slapadd -n0 -l config.ldif" to
work as a recovery procedure.  Without specifying '-f' or '-F', slapadd
consults the slapd.conf installed with the software and tries to use the
database directories specified in it rather than in the config.ldif.  With
'-F' specified, slapadd simply dies trying to open the slapd.d that isn't
yet populated:

$ /usr/local/openldap/sbin/slapcat -n0 -F /tmp/slapd.d |/usr/local/openldap/sbin/slapadd -n0 -F /tmp/slapd.d.2
=> ldif_enum_tree: failed to open /tmp/slapd.d.2/cn=config.ldif: No such file or directory
slapadd: bad configuration directory!

If slapd.d is already populated, then slapadd fails with
"slapadd: could not add entry dn="cn=config" (line=33):"

I can't seem to figure out how you've gotten this to work...

My slapd.conf is trivial:
include         /usr/local/openldap/etc/openldap/schema/core.schema
include         /usr/local/openldap/etc/openldap/schema/cosine.schema
database        bdb
suffix          "dc=test"
directory       /tmp/ldap
mode            0600
index   objectclass     eq

On Thu, 27 Apr 2006, Howard Chu wrote:

>Eric Irrgang wrote:
>> On Thu, 20 Apr 2006, Howard Chu wrote:

>First of all - don't do this. The shm_key should only be set in
>slapd.conf, not in DB_CONFIG.

>The use of "-f" and "-F" together is only for creating a new slapd.d.
>Once it's created, the slapd.conf file is ignored. If you want to
>convert slapd.conf again, delete the old slapd.d first.

>>> Already done. Just do "slapadd -n0 -l config.ldif"
>> Maybe I'm missing something.  Not only does that not work for me, but I
>> can't see how it would without code to notice the absence of a config
>> directory.  Or maybe it would work fine if there were already a valid
>> config in place, but it doesn't seem to work for bootstrapping a config.
>> Wouldn't "slapadd -n0 -l config.ldif" try to open database 0 specified in
>> the default config file before ever parsing config.ldif?  What I'm getting
>> at is that it would be nice to simply say
>Database 0 is the config database, and its existence is hardcoded.

Eric Irrgang - UT Austin ITS Unix Systems - (512)475-9342