On Thu, Mar 31, 2016 at 04:31:42PM +0200, Prashanth P.Nair wrote: > On Thu, Mar 31, 2016 at 4:10 PM, Brian Reichert <[email protected]> > wrote: > > > On Wed, Mar 30, 2016 at 05:48:56PM +0200, Prashanth P.Nair wrote: > > > Thanks Brian > > > > > > Yes.i have back up script which runs as root. But it stores the back file > > > in different location . > > > > That script looks safe, but you didn't answer my other question: > > > > > > Does that node run any of the db_checkpoint utilities as a user > > > > other than your openldap UID? > > > > Thanks Brian. > > Could you please let me know how that can be checked?
I have no way of knowing what sort of administrative tooling you may have on your systems. In my specific case, I was running a CentOS 5-based system. This distribution had a version of OpenLDAP that was compiled against a private copy of the Berkeley database library. I had a home-rolled backup cronjob that ran these utilities: /usr/sbin/slapd_db_checkpoint /usr/sbin/slapd_db_archive but did so as 'root', not as slapd's UID. Once in a great while, this would result in a transaction log owned by root, and slapd would fail. -- Brian Reichert <[email protected]> BSD admin/developer at large
