So, I changed all the permissions in /var/lib/ldap/*:

chmod 0755 /var/lib/ldap/

I retried slapindex, with the same result.

From root:

sudo /usr/sbin/slapindex
WARNING! Runnig as root! There's a fair chance slapd will fail to start. Check file permissions!

From normal user:

usr/sbin/slapindex
/etc/ldap/slapd.conf: line 20: invalid path: Permission denied
slapindex: bad configuration file!

I repeated strace and I didn't find errors. I repeated slapindex from root and from normal user, but the result was the same as above.

I repeated smbldap-populate and magically it runs! Do you understand something of this chaos? I'd like to understand the why of this behavior.

Thanks

On 04/30/2012 08:51 AM, Stefano Malini wrote:
Hi, please take a look at my permissions:

ls -l /var
drwxr-xr-x 13 openldap openldap 4096 Mar 20 09:47 var

ls -l /var/lib
drwxr-xr-x 31 openldap openldap 4096 Apr 28 16:38 lib

ls -l /var/lib/ldap
drwxr-xr-x 2 openldap openldap 4096 Apr 30 08:31 ldap

ls -l /var/lib/ldap/
root@amahoro:/# ls -l /var/lib/ldap/
total 11580
-rw-r----- 1 openldap openldap 4096 Apr 30 08:31 alock
-rw------- 1 openldap openldap 8192 Apr 29 11:47 cn.bdb
-rw------- 1 openldap openldap 24576 Apr 30 08:31 __db.001
-rw------- 1 openldap openldap 352256 Apr 30 08:38 __db.002
-rw------- 1 openldap openldap 2629632 Apr 30 08:38 __db.003
-rw------- 1 openldap openldap 163840 Apr 30 08:38 __db.004
-rw------- 1 openldap openldap 876544 Apr 30 08:38 __db.005
-rw------- 1 openldap openldap 32768 Apr 30 08:38 __db.006
-rw-r--r-- 1 openldap openldap 96 Apr 23 17:34 DB_CONFIG
-rw------- 1 openldap openldap 8192 Apr 28 14:23 dn2id.bdb
-rw------- 1 openldap openldap 8192 Apr 29 11:47 gidNumber.bdb
-rw------- 1 openldap openldap 32768 Apr 28 14:23 id2entry.bdb
-rw------- 1 openldap openldap 10485760 Apr 30 08:30 log.0000000001
-rw------- 1 openldap openldap 8192 Apr 29 11:47 mail.bdb
-rw------- 1 openldap openldap 8192 Apr 28 14:00 memberUid.bdb
-rw------- 1 openldap openldap 8192 Apr 28 11:52 objectClass.bdb
-rw------- 1 openldap openldap 8192 Apr 29 11:47 sambaSID.bdb
-rw------- 1 openldap openldap 8192 Apr 29 11:47 sn.bdb
-rw------- 1 openldap openldap 8192 Apr 29 11:47 uid.bdb
-rw------- 1 openldap openldap 8192 Apr 29 11:47 uidNumber.bdb

Are they ok?

On 4/30/12, Quanah Gibson-Mount <quanah@zimbra.com> wrote:

On Apr 29, 2012, at 3:27 AM, stefano malini <lozingalo@gmail.com> wrote:

Hi, other check: using

sudo strace /usr/sbin/slapindex

I found the line:

open("/var/lib/ldap/DUMMY", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = -1 EACCES (Permission denied)

but in that directory there is not "DUMMY".

What can I do? I am blocked on this point.

Thanks

Clearly the higher level directory permissions are wrong. Fix them.
--Quanah

On 04/29/2012 11:02 AM, Jonathan Clarke wrote:

On 29 avr. 2012, at 10:27, stefano malini <lozingalo@gmail.com> wrote:

I used slapindex also, the output is:

stefano@amahoro:~$ /usr/sbin/slapindex
/etc/ldap/slapd.conf: line 20: invalid path: Permission denied
slapindex: bad configuration file!

Try running slapindex as the user "openldap". Also, make sure that you run slapd as that user too.

Jonathan

This is my slapd.conf:

#Basics
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/samba.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel 256
modulepath /usr/lib/ldap
moduleload back_hdb

#Database configuration
database hdb
suffix "dc=amahoro,dc=bi"
rootdn "cn=Manager,dc=amahoro,dc=bi"
rootpw {SSHA}XBLZ+TknuZHW3dirN2SE2fj3mYka3tkG
directory /var/lib/ldap   <----------------------------- LINE 20
index uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial
index sambaSID eq
index sambaPrimaryGroupSID eq

#ACLs
access to attrs=userPassword
    by anonymous auth
    by self write
    by * none
access to *
    by dn.base="uid=nslcd_proc,ou=System,dc=amahoro,dc=bi" read
    by self write
    by * none

These are the permissions of /var/lib/ldap/:

drwxr-x--- 2 openldap openldap 4096 Apr 29 09:57 ldap

-rw-r--r-- 1 openldap openldap 4096 Apr 29 09:57 alock
-rw------- 1 openldap openldap 8192 Apr 28 12:18 cn.bdb
-rw------- 1 openldap openldap 24576 Apr 29 09:57 __db.001
-rw------- 1 openldap openldap 352256 Apr 29 09:57 __db.002
-rw------- 1 openldap openldap 2629632 Apr 29 09:57 __db.003
-rw------- 1 openldap openldap 163840 Apr 29 09:57 __db.004
-rw------- 1 openldap openldap 876544 Apr 29 09:57 __db.005
-rw------- 1 openldap openldap 32768 Apr 29 09:57 __db.006
-rw-r--r-- 1 openldap openldap 96 Apr 23 17:34 DB_CONFIG
-rw------- 1 openldap openldap 8192 Apr 28 14:23 dn2id.bdb
-rw------- 1 openldap openldap 8192 Apr 28 14:23 gidNumber.bdb
-rw------- 1 openldap openldap 32768 Apr 28 14:23 id2entry.bdb
-rw------- 1 openldap openldap 10485760 Apr 29 09:57 log.0000000001
-rw------- 1 openldap openldap 8192 Apr 28 12:18 mail.bdb
-rw------- 1 openldap openldap 8192 Apr 28 14:00 memberUid.bdb
-rw------- 1 openldap openldap 8192 Apr 28 11:52 objectClass.bdb
-rw------- 1 openldap openldap 8192 Apr 28 14:23 sambaSID.bdb
-rw------- 1 openldap openldap 8192 Apr 28 12:18 sn.bdb
-rw------- 1 openldap openldap 8192 Apr 28 12:18 uid.bdb
-rw------- 1 openldap openldap 8192 Apr 28 14:23 uidNumber.bdb

What do you think?

Thanks

On 04/28/2012 08:33 PM, stefano malini wrote:

anyone?

On 04/28/2012 11:30 AM, stefano malini wrote:

Hi, I cannot end the populating process using smbldap-populate due to these errors:

root@amahoro:~# smbldap-populate
Populating LDAP directory for domain AMAHORO (S-1-5-21-251852451-2940789264-3475694606)
(using builtin directory structure)
entry dc=amahoro,dc=bi already exist.
entry ou=Users,dc=amahoro,dc=bi already exist.
entry ou=Groups,dc=amahoro,dc=bi already exist.
entry ou=Computers,dc=amahoro,dc=bi already exist.
entry ou=Idmap,dc=amahoro,dc=bi already exist.
adding new entry: uid=root,ou=Users,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 58.
adding new entry: uid=nobody,ou=Users,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 89.
adding new entry: cn=Domain Admins,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 101.
adding new entry: cn=Domain Users,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 112.
adding new entry: cn=Domain Guests,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 123.
adding new entry: cn=Domain Computers,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 134.
adding new entry: cn=Administrators,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 179.
adding new entry: cn=Account Operators,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 201.
adding new entry: cn=Print Operators,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 212.
adding new entry: cn=Backup Operators,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 223.
adding new entry: cn=Replicators,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498,<GEN1> line 234.
entry sambaDomainName=AMAHORO,dc=amahoro,dc=bi already exist. Updating it...
Please provide a password for the domain root:
/usr/sbin/smbldap-passwd: user root doesn't exist

I don't find the error "index generation failed" on the internet. Do you know the problem?

Thanks
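
Added example, not part of the original thread: the strace line quoted above shows the path check trying to create /var/lib/ldap/DUMMY, which requires write and search permission on the directory for whoever runs the tool. The sketch below evaluates the two directory lines posted in the thread against that requirement; the account "stefano" with a primary group of the same name is an assumption, and ACLs, MAC policy and root's permission bypass are not modelled.

```shell
#!/bin/sh
# Classic Unix mode-bit check: may USER create a file in a directory?
# Not modelled: root's DAC bypass, POSIX ACLs, AppArmor/SELinux policy.

# can_create MODE OWNER GROUP USER "USER_GROUPS"
# MODE is the 10-character string printed by `ls -ld` (e.g. drwxr-x---).
can_create() {
    mode=$1 owner=$2 group=$3 user=$4 user_groups=$5
    case $mode in
        d*) ;;
        *) echo "$user: not a directory"; return 2 ;;
    esac
    # Exactly one class applies: owner first, then group, then other.
    if [ "$user" = "$owner" ]; then
        class=owner; bits=$(printf %s "$mode" | cut -c2-4)
    else
        case " $user_groups " in
            *" $group "*) class=group; bits=$(printf %s "$mode" | cut -c5-7) ;;
            *)            class=other; bits=$(printf %s "$mode" | cut -c8-10) ;;
        esac
    fi
    # Creating an entry needs write (w) and search (x, or s/t which imply x).
    case $bits in
        ?w[xst]) echo "$user: $class class ($bits): can create files"; return 0 ;;
        *)       echo "$user: $class class ($bits): cannot create files"; return 1 ;;
    esac
}

# check_ls_line "LS_LINE" USER "USER_GROUPS": parse one `ls -ld` line.
check_ls_line() {
    ls_line=$1 who=$2 who_groups=$3
    set -f; set -- $ls_line; set +f   # fields: mode links owner group ...
    can_create "$1" "$3" "$4" "$who" "$who_groups"
}

# The two directory lines posted in the thread (Apr 29 and Apr 30).
OLD='drwxr-x--- 2 openldap openldap 4096 Apr 29 09:57 ldap'
NEW='drwxr-xr-x 2 openldap openldap 4096 Apr 30 08:31 ldap'
for line in "$OLD" "$NEW"; do
    echo "$line"
    check_ls_line "$line" openldap openldap || true
    check_ls_line "$line" stefano stefano || true   # assumed unprivileged account
done
```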