Thank you very much.
I did as suggested, and ticket is #48292
Nicola
Il 24/09/15 09:33, Ludwig Krispenz ha scritto:
Hi,
can you try to get a core dump:
http://directory.fedoraproject.org/docs/389ds/FAQ/faq.html#debug_crashes
and open a ticket for 389 DS: https://fedorahosted.org/389/newticket
Ludwig
On 09/24/2015 09:08 AM, Nicola Canepa wrote:
Hello, I'm trying to setup a partial replica of the LDAP tree stored
in 389-ds by FreeIPA 4.1 (under CentOS 7), so that legacy systems
have a local copy of the data needed to authenticate.
Those systems have already OpenLDAP installed, so I 'm trying to
enable syncrepl from DS to OL.
I followed this ticket: https://fedorahosted.org/freeipa/ticket/3967
and I enabled the 2 plugins as indicated.
When the slave starts and tries to sync, the ns-slapd process on
FreeIPA server dies, with this in syslog:
kernel: ns-slapd[4801]: segfault at 0 ip 00007f0f041f2db6 sp
00007f0ecc7f0f38 error 4 in libc-2.17.so[7f0f0416e000+1b6000]
immediately (same second) followed by:
named[1974]: LDAP error: Can't contact LDAP server: ldap_sync_poll()
failed
named[1974]: ldap_syncrepl will reconnect in 60 seconds
systemd: [email protected]: main process exited, code=killed,
status=11/SEGV
There is nothing in access or error log (found in
/var/log/dirsrv/INSTANCE) at that second (last log is 30 seconds
before the problem).
Even if replica doesn't work, I think it shoundn't kill the daemon.
The ldif used on the slave:
dn: olcDatabase={1}bdb,cn=config
changetype: modify
replace:olcSyncrepl
olcSyncrepl: rid=0001
provider=ldap://AAA.TLD
type=refreshOnly
interval=00:1:00:00
retry="5 5 300 +"
searchbase="YYY"
attrs="*,+"
bindmethod=simple
binddn="uid=XXX,cn=users,cn=accounts,dc=YYY"
credentials=ZZZ
Nicola
--
Nicola Canepa
Tel: +39-0522-399-3474
[email protected]
---
Il contenuto della presente comunicazione è riservato e destinato
esclusivamente ai destinatari indicati. Nel caso in cui sia ricevuto da persona
diversa dal destinatario sono proibite la diffusione, la distribuzione e la
copia. Nel caso riceveste la presente per errore, Vi preghiamo di informarci e
di distruggerlo e/o cancellarlo dal Vostro computer, senza utilizzare i dati
contenuti. La presente comunicazione (comprensiva dei documenti allegati) non
avrà valore di proposta contrattuale e/o accettazione di proposte provenienti
dal destinatario, nè rinuncia o riconoscimento di diritti, debiti e/o crediti,
nè sarà impegnativa, qualora non sia sottoscritto successivo accordo da chi può
validamente obbligarci. Non deriverà alcuna responsabilità precontrattuale a
ns. carico, se la presente non sia seguita da contratto sottoscritto dalle
parti.
The content of the above communication is strictly confidential and reserved
solely for the referred addressees. In the event of receipt by persons
different from the addressee, copying, alteration and distribution are
forbidden. If received by mistake we ask you to inform us and to destroy and/or
delete from your computer without using the data herein contained. The present
message (eventual annexes inclusive) shall not be considered a contractual
proposal and/or acceptance of offer from the addressee, nor waiver recognizance
of rights, debts and/or credits, nor shall it be binding when not executed as
a subsequent agreement by persons who could lawfully represent us. No
pre-contractual liability shall apply to us when the present communication is
not followed by any binding agreement between the parties.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
