[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapo-pcache seems broken in openldap-2.4.31

Tio Teath wrote:
I'm trying to set up slapo-pcache using cn=config, and this is my settings:

dn: olcDatabase={1}ldap,cn=config
objectClass: olcConfig
objectClass: olcDatabaseConfig
objectClass: olcLDAPConfig
objectClass: top
olcDatabase: {1}ldap
olcRootDN: cn=admin,cn=config
olcAccess: {0}to * by * read
olcDbACLBind: bindmethod=simple binddn="ou=group,dc=remote"
  credentials="password" tls_cacert="/etc/ssl/certs/ca-certificates.crt"
olcDbURI: ldap://remote.host
olcSuffix: dc=remote

dn: olcOverlay={0}pcache,olcDatabase={1}ldap,cn=config
objectClass: olcPcacheConfig
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
olcOverlay: {0}pcache
olcPcache: hdb 10000 1 50 100
olcPcacheAttrset: 0 member
olcPcacheTemplate: "(objectClass=)" 0 3600

dn: olcDatabase={0}hdb,olcOverlay={0}pcache,olcDatabase={1}ldap,cn=config
objectClass: olcPcacheDatabase
objectClass: olcHdbConfig
objectClass: olcDatabaseConfig
objectClass: olcConfig
objectClass: top
olcDatabase: {0}hdb
olcDbDirectory: /var/lib/ldap/cache
olcDbIndex: objectClass eq
olcDbIndex: pcacheQueryid eq

But each time I'm trying to run
ldapsearch -b"cn=test2,ou=group,dc=remote"  '(objectClass=*)' member
  I'm getting QUERY NOT ANSWERABLE/QUERY NOT CACHEABLE errors in the log.

That's correct, since your search query doesn't match your template. Your search uses '(objectclass=*)' which is a Presence filter. Your template only supports Equality (and Substring) filters. Your template needs to be "(objectclass=*)" to support Presence filters.

Besides, it is impossible to modify attributes
modify/add: olcPcacheTemplate: no equality matching rule

This is definitely a bug, please submit this to the ITS. Thanks.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/