Hello

I am using OpenLDAP 'openldap-2.4.31' on Debian. I have configured syncrepl.
Everything works normally. But frequently I am getting the error below. The log
file ownership is getting changed on any one of the nodes automatically.

Here is the error from syslog.


Mar 29 12:14:26 xxx slapd[29405]: conn=5774 op=40651 SEARCH RESULT tag=101 err=0 nentries=1 text=

Mar 29 12:14:29 xxx slapd[29405]: bdb(dc=xxx,dc=xxx,dc=xxx): /var/lib/ldap/xxx/log.0000000883: log file unreadable: Permission denied

Mar 29 12:14:29 xxx slapd[29405]: bdb(dc=xxx,dc=xxx,dc=xxx): PANIC: Permission denied

Mar 29 12:14:29 xxx slapd[29405]: bdb(dc=xxx,dc=xxx,dc=xxx): DB_ENV->log_newfh: 883: DB_RUNRECOVERY: Fatal error, run database recovery

Mar 29 12:14:29 xxx slapd[29405]: bdb(dc=xxx,dc=xxx,dc=xxx): txn_checkpoint: log failed at LSN [883 68682]: DB_RUNRECOVERY: Fatal error, run database recovery

Mar 29 12:14:30 xxx slapd[29405]: conn=5774 op=40652 SRCH base="" scope=0 deref=3 filter="(objectClass=*)"

Mar 29 12:14:30 xxx slapd[29405]: conn=5774 op=40652 SRCH attr=objectclass


Any idea what is going wrong here?

LDAP is running as the user below.


openldap:x:106:108:OpenLDAP Server Account,,,:/var/lib/ldap:/bin/false

$ id openldap
uid=106(openldap) gid=108(openldap) groups=108(openldap)


I don't find any logs for an open file issue. But still I pasted the settings below.

Open file limit settings

openldap        soft    nofile          65536
openldap        hard    nofile          65536


slapd.conf settings

loglevel        sync stats
modulepath      /usr/lib/ldap
moduleload      back_hdb
moduleload      syncprov
sizelimit 500
tool-threads 8
threads 16
backend         hdb
database        hdb
monitoring on
cachesize 50000
idlcachesize 50000
directory       "/var/lib/ldap/account"
dbconfig set_cachesize 0 167772160 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
index           objectClass,snAccount,snEnabled,entryCSN,entryUUID eq
index           cn eq,pres,subany
lastmod         on
checkpoint      5120 30
access to dn.base="" by * read
syncrepl      rid=001
                provider=ldap://xx.xx.xxx.xxx
                bindmethod=simple
                binddn="cn=xxx,ou=administrators,dc=test,dc=IN"
                credentials=xxx
                searchbase="dc=account,dc=test,dc=IN"
                schemachecking=on
                type=refreshAndPersist
                retry="10 +"
mirrormode on
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 10000


Br/Prashanth
