[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP 2.4.23 multi-master replication of the cn=config tree error: could not put entry file in place

(Please reply to the list, so any useful information gets archived for others in the future...)

On 05/11/12 05:39 AM, Cyril Grosjean wrote:
26374 open("/etc/openldap/slapd.d/cn=config.ldif", O_RDONLY) = 16
26374 open("/etc/openldap/slapd.d/cn=config.40TIFd", O_RDWR|O_CREAT|O_EXCL, 0600) = 16 26374 rename("/etc/openldap/slapd.d/cn=config.40TIFd", "/etc/openldap/slapd.d/cn=config.ldif") = -1 EACCES (Permission denied)
26374 unlink("/etc/openldap/slapd.d/cn=config.40TIFd") = 0

So it really looks to me like a bug. As suggested by Quanah, I'll try OpenLDAP 2.4.31 if I've time for that, but my goal was possibly to stick to "official" rpms, for obvious support reasons.

If it's a bug, then it's a bug in the operating system. strace traces system calls ("_s_ystem trace"). You can plainly see OpenLDAP creating the new cn=config.ldif as a tempfile, trying to rename it to overwrite the old, and being told by the *OS* that it's not allowed to do so. Here's the exact same operation on my own server:

   5596  open("/appl/ldap/etc/slapd.d/cn=config.ldif", O_RDONLY) = 57
   5596  open("/appl/ldap/etc/slapd.d/cn=config.Zi6PH7",
   O_RDWR|O_CREAT|O_EXCL, 0600) = 57
   5596  rename("/appl/ldap/etc/slapd.d/cn=config.Zi6PH7",
   "/appl/ldap/etc/slapd.d/cn=config.ldif") = 0

How about showing us the exact permissions on the directory and that file? What's the output of:

         ls -lZd /etc/openldap/slapd.d /etc/openldap/slapd.d/cn=config.ldif


        getfacl /etc/openldap/slapd.d /etc/openldap/slapd.d/cn=config.ldif