Re: need help with my backup copy of ldap database...

Tue, 22 Dec 2009 07:24:55 -0800 

On Tuesday, 22 December 2009 03:37:10 Louis-M. Carrière wrote:
> Hi !
> 
> I had a problem with my system and decided to backup my /var/ /etc, etc.

How did you do this? E.g., was slapd running at the time? Did you copy all the 
files from /var/lib/ldap, or only a subset? Ideally you should do a backup to 
ldif (using slapcat) if you do something like this.

>  files and reinstall everything (Mandriva 2009). But now, my openldap
>  installation complains about my openldap database being corrupted or
>  something (here is the log):
> 
> Dec 21 21:23:09 p4server slapd[12999]: @(#) $OpenLDAP: slapd 2.4.11 (Sep 15
>  2008 10:30:35) $  

Before anyone tells you 2.4.11 is too old, I will note that 2.4.20 is 
available in main/backports for 2009.0 (and 2009.1 and 2010.0). It will become 
2.4.21 in a few days.

>  [email protected]:/home/mandrake/rpm/BUILD/openldap-2.4.11/servers/
> slapd Dec 21 21:23:09 p4server slapd[12999]: daemon_init: listen on
>  ldap://ldap.louismc.org/ Dec 21 21:23:09 p4server slapd[12999]:
>  daemon_init: listen on ldaps://ldap.louismc.org/ Dec 21 21:23:09 p4server
>  slapd[12999]: daemon_init: 2 listeners to open... Dec 21 21:23:09 p4server
>  slapd[12999]: daemon: listener initialized ldap://ldap.louismc.org/ Dec 21
>  21:23:09 p4server slapd[12999]: daemon: listener initialized
>  ldaps://ldap.louismc.org/ Dec 21 21:23:09 p4server slapd[12999]:
>  daemon_init: 2 listeners opened Dec 21 21:23:09 p4server slapd[12999]:
>  slapd init: initiated server. Dec 21 21:23:09 p4server slapd[12999]:
>  slap_sasl_init: initialized! Dec 21 21:23:09 p4server slapd[12999]:
>  bdb_back_initialize: initialize BDB backend Dec 21 21:23:09 p4server
>  slapd[12999]: bdb_back_initialize: Berkeley DB 4.6.21: (February 11, 2009)
>  Dec 21 21:23:09 p4server slapd[12999]: hdb_back_initialize: initialize HDB
>  backend Dec 21 21:23:09 p4server slapd[12999]: hdb_back_initialize:
>  Berkeley DB 4.6.21: (February 11, 2009) Dec 21 21:23:09 p4server
>  slapd[12999]: backend_startup_one: starting "cn=config" Dec 21 21:23:09
>  p4server slapd[12999]: => ldif_enum_tree: failed to open
>  /etc/openldap/slapd.d/cn=config.ldif: No such file or directory Dec 21
>  21:23:09 p4server slapd[12999]: send_ldap_result: conn=-1 op=0 p=0 Dec 21
>  21:23:09 p4server slapd[13000]: bdb(dc=louismc,dc=org): file id2entry.bdb
>  has LSN 2/4451165, past end of log at 1/140 Dec 21 21:23:09 p4server
>  slapd[13000]: bdb(dc=louismc,dc=org): Commonly caused by moving a database
>  from one database environment Dec 21 21:23:09 p4server slapd[13000]:
>  bdb(dc=louismc,dc=org): to another without clearing the database LSNs, or
>  by removing all of Dec 21 21:23:09 p4server slapd[13000]:
>  bdb(dc=louismc,dc=org): the log files from a database environment

It looks like you didn't backup / restore the transaction log files, and didn't 
do a database recovery before removing them.

>  Dec 21
>  21:23:09 p4server slapd[13000]: bdb(dc=louismc,dc=org):
>  /var/lib/ldap/id2entry.bdb: unexpected file type or format Dec 21 21:23:09
>  p4server slapd[13000]: bdb_db_open: database "dc=louismc,dc=org":
>  db_open(/var/lib/ldap/id2entry.bdb) failed: Invalid argument (22). Dec 21
>  21:23:09 p4server slapd[13000]: backend_startup_one: bi_db_open failed!
>  (22) Dec 21 21:23:09 p4server slapd[13000]: bdb_db_close: database
>  "dc=louismc,dc=org": alock_close failed Dec 21 21:23:09 p4server
>  slapd[13000]: slapd stopped.
> 
> Is there anything I can do to restore it like it was???

If you hadn't disabled it, there should have been a consistent backup (with 
required transaction logs) somewhere under /var/lib/ldap/backup, created by 
the ldap backup cron job. Copy all of the contents of that directory (in my 
case it is /var/lib/ldap/backup/dc_ranger_dc_dnsalias_dc_com/) to the original 
location (/var/lib/ldap).

> Also, but far less important, I have another error but less important since
>  it never prevent me from using openldap before...
>  /etc/openldap/slapd.d/cn=config
> What can I do about it???

Ignore it, it is harmless.

> Why does it complain?

Because we (Mandriva) ship an empty /etc/openldap/slapd.d directory, so that 
if you chose to use back-config, you don't wonder why it doesn't work (when the 
ldap user can't read/write to it). So, slapd looks for a cn=config.ldif there 
...

> I never confiruged
>  slapd.conf to use cn=config there... it should look in ldap itself for the
>  config entry.... ?!?!? I'm puzzled and never had chance with google
>  solving this one.

Regards,
Buchan

Reply via email to