This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

CentOS 5.5 : openLDAP server causes server to hang

2 posts / 0 new

Topic locked

Last post

#1 Mon, 01/17/2011 - 12:26

maxslug

CentOS 5.5 : openLDAP server causes server to hang

Hi All,

I'm having some issues (https://www.virtualmin.com/node/16904) which are causing my server to start to kill jobs out of memory. One of those jobs is the LDAP server. Here's where there's a nasty chain reaction and upon reboot the system hangs before SSHd or the serial console are up. Only solution is to boot a recovery CD (or use Xen dom0 if it's a VPS) and mount the hard drive to fix things.

Here's what shows up on the console (for future googlers)

Starting HAL daemon: [ OK ] Checking configuration files for slapd: bdb_db_open: unclean shutdown detected; attempting recovery. bdb_db_open: Recovery skipped in read-only mode. Run manual recovery if errors are encountered.

And then the machine halts there and you're SOL.

From this fine blog : http://techarold.blogspot.com/2006/07/more-openldap-recovery.html the solution is to run

/usr/sbin/slapd_db_recover -v -h /var/lib/ldap Finding last valid log LSN: file: 1 offset 157293 Recovery starting from [1][156143] Recovery complete at Mon Jan 17 10:02:19 2011 Maximum transaction ID 80000056 Recovery checkpoint [1][158343]

And then you can start the LDAP server.

However in order to get that far I had to mount the hard drive from a recover CD and then prevent the LDAP server from starting :

rm /etc/init.d/rc3.d/Sldap

And then I could boot the machine to run the above fix command. Don't forget to put the LDAP server back in.

So for virtualmin I would strongly suggest an additional LDAP configuration command to prevent this deadlock. Here is the upstream bug : https://partner-bugzilla.redhat.com/show_bug.cgi?id=613966

To fix this I added -u to the 'slaptest' command at all times to make sure it would never hang. Edit /etc/init.d/ldap and change the configtest() function to match the following :

function configtest() { local user= ldapuid= dbdir= file= # Check for simple-but-common errors. user=ldap prog=basename ${slapd} ldapuid=id -u $user # Unaccessible database files. slaptestflags=-u

I changed the last line only. IF you do not do this, you may find your server hung and unresponsive w/out SSH or Console available.

-m

#2 Mon, 01/17/2011 - 12:28

maxslug

hmmm.. it seems my new lines are not appearing above, which makes it highly hard to read. how do you block quote on these forums again? Perhaps a hint on how to do that should be on the post / reply pages.

Topic locked