Gentoo Forums
LDAP won't start properly [solved]

daeghrefn
Tux's lil' helper

Joined: 02 Jan 2005
Posts: 112

Posted: Fri May 20, 2005 3:23 am    Post subject: LDAP won't start properly [solved]

Okay, I come home after doing some errands, and it was storming, and we lost power.
I'm not rich, so my linux box doesn't have a UPS, so needless to say it lost power.

So I boot it back up, and during the boot process, I notice this, when ldap tries to start:

Code:
* Starting ldap-server...
Can't open perl script "-e": Permission denied.
Use -S to search $PATH for it.


I thought it might be the init scripts, so I checked them, but nothing's changed. I switched it to verbose mode (from quiet) and did:

Code:
# /etc/init.d/slapd stop
# /etc/init.d/slapd start
* Starting ldap-server...
Starting /usr/lib/openldap/slapd...
Can't open perl script "-e": Permission denied.
Use -S to search $PATH for it.


I tried to re-emerge openldap, but no joy. No configurations have changed, so I have no idea what the problem is.

Currently running openldap-2.1.30-r4

Anyone have any ideas?

I can post applicable config files as necessary.

Thanks in advance.

EDIT: It appears that the /dev/null stuff was messed up from a UDEV upgrade.


Last edited by daeghrefn on Wed Jul 20, 2005 8:52 pm; edited 1 time in total

converter
Apprentice

Joined: 24 Dec 2002
Posts: 163

Posted: Fri May 20, 2005 10:56 am

This sounds like filesystem corruption to me. Boot from a recovery CD and fsck your partitions.
_________________
converter

daeghrefn
Tux's lil' helper

Joined: 02 Jan 2005
Posts: 112

Posted: Fri May 20, 2005 6:18 pm

Okay, used a live CD and ran:

Code:
livecd # xfs_repair /dev/hda3


and it said it fixed a bunch of stuff. So I rebooted and still getting the same error.
Tried re-emerging openldap and baselayout again. Not sure what to do at this point.

Since I was using LDAP to authenticate my other linux boxes, I'm kinda SOL until I can get this sucker back online.

Should I take the plunge and emerge -e world?

I've looked at the permissions for /etc/init.d/ and /etc/conf.d/ and /usr/lib/openldap/ and they all look good.

So I'm still not sure what's going on at this time.

Any more thoughts?

converter
Apprentice

Joined: 24 Dec 2002
Posts: 163

Posted: Sat May 21, 2005 1:03 am

Silly question: have you searched your disk for a file named -e? If there is one, what are the perms?

edit
Code:

$ ls -l -- -e
-rw-------  1 root root 15 May 20 20:03 -e
$ perl ./-e
Can't open perl script "./-e": Permission denied.
Use -S to search $PATH for it.
$ perl -- -e
Can't open perl script "-e": Permission denied.
Use -S to search $PATH for it.

_________________
converter

converter
Apprentice

Joined: 24 Dec 2002
Posts: 163

Posted: Sat May 21, 2005 12:41 pm

What's the output of:

Code:

ls -l /dev/null


If I remember correctly, screwed up mode/permissions on /dev/null can cause this error.
_________________
converter

daeghrefn
Tux's lil' helper

Joined: 02 Jan 2005
Posts: 112

Posted: Sat May 21, 2005 7:34 pm

Okay, not sure if I am that familiar with how to search for a file. I tried the examples you had in there, but didn't find anything.

I checked /dev/null and it is:

Code:
# ls -l /dev/null
crw-rw----  1 root root 1, 3 Jan  4 20:29 /dev/null


I did:

Code:
ls -l -- -e


as you suggested and came up with nothing.

When I tried the perl commands, it came up "file not found", but when I tried /etc/init.d/slapd start, I still get permission denied.

Last night I took the plunge and did:

Code:
emerge -e world


But after etc-update and rebooting, nothing changed.

converter
Apprentice

Joined: 24 Dec 2002
Posts: 163

Posted: Mon May 23, 2005 9:42 am

daeghrefn wrote:

I checked /dev/null and it is:

Code:
# ls -l /dev/null
crw-rw----  1 root root 1, 3 Jan  4 20:29 /dev/null



That's the problem. Regular users have to be able to read from and write to /dev/null. It's been a couple years
since I actually read the code, but when perl is processing code passed on the command line along with the
-e switch, it has to read from or write to /dev/null and if the permissions are wrong, you get the error.

This should fix the immediate problem:
Code:
# chmod o+rw /dev/null


The big question is: what caused the change to /dev/null's permissions and has it affected other files? This
is something you should look into.
_________________
converter
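
Added example (not part of the original thread or any poster's code): a check for the follow-up question above, whether other device nodes were affected besides /dev/null. It compares a handful of core character devices against the standard Linux major:minor assignments and mode 0666. The function names `check_node` and `audit_dev_nodes` are hypothetical, and `stat -c` (GNU coreutils or BusyBox) is assumed.

```sh
#!/bin/sh
# Added example: verify that core character devices have the expected
# type, major:minor numbers and mode. Assumes stat with -c (GNU/BusyBox).

# check_node PATH MAJOR MINOR MODE
# Returns 0 on match, 1 on mismatch, 2 if PATH does not exist.
check_node() {
    node=$1
    want="character special file $2:$3 $4"
    if [ ! -e "$node" ]; then
        echo "MISSING $node"
        return 2
    fi
    # %F = file type, %t/%T = major/minor in hex, %a = octal mode
    got_major=$((0x$(stat -c '%t' "$node")))
    got_minor=$((0x$(stat -c '%T' "$node")))
    got="$(stat -c '%F' "$node") $got_major:$got_minor $(stat -c '%a' "$node")"
    if [ "$got" = "$want" ]; then
        echo "OK      $node ($got)"
        return 0
    fi
    echo "BAD     $node: got '$got', want '$want' (owner $(stat -c '%U:%G' "$node"))"
    return 1
}

# Walk a table of standard Linux device numbers; succeed only if all match.
audit_dev_nodes() {
    bad=0
    while read -r node major minor mode; do
        check_node "$node" "$major" "$minor" "$mode" || bad=$((bad + 1))
    done <<'EOF'
/dev/null 1 3 666
/dev/zero 1 5 666
/dev/full 1 7 666
/dev/random 1 8 666
/dev/urandom 1 9 666
/dev/tty 5 0 666
EOF
    [ "$bad" -eq 0 ]
}

audit_dev_nodes || echo "device node audit: mismatches found" >&2
```

On the system described in this thread, the `crw-rw----` node would be reported as `BAD /dev/null` with mode 660 instead of 666.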

daeghrefn
Tux's lil' helper

Joined: 02 Jan 2005
Posts: 112

Posted: Thu May 26, 2005 11:35 am

Well, I made the permissions changes to /dev/null and the perl error went away... but LDAP still isn't starting properly.
The startup scripts are not returning an error, but an ldapsearch won't connect to the ldap server, and authentication is still down.

Both my co-workers are on leave this week, so work has been too busy to do much with it, but I will attempt to post the results of

Code:
$ ldapsearch -d 255


when I get the chance. Thanks for the advice.

I, too, wonder why things have changed. I would like to log LDAP, but I haven't been able to figure out how to get metalog to do that yet. Again, no time right now.

Sheesh. Thanks anyways :)

daeghrefn
Tux's lil' helper

Joined: 02 Jan 2005
Posts: 112

Posted: Sat May 28, 2005 6:59 pm

Okay,

so now LDAP starts up without any errors. But when I do a simple:

Code:
# ldapsearch


which usually displays the contents of the directory, I get an error 81, cannot bind to LDAP server.

When I add a -d 255 to the ldapsearch, essentially what it tells me is that the server didn't start, and that ldapsearch can't connect.

Code:
# ldapsearch -d 255
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP master.dravidia.net:636
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 192.168.1.10:636
ldap_connect_timeout: fd: 3 tm: -1 async: 0
ldap_ndelay_on: 3
ldap_is_sock_ready: 3
ldap_nedelay_off: 3
TLS trace: SSL_connect:before/connect initialization
tls_write: want=148, written=148
TLS trace: SSL_connect:SSLv2/v3 write client hello A
tls_read: want=7, got=0

TLS: can't connecf.
ldap_perror
ldap_bind: Can't contact LDAP server (81)


That's the error. And I haven't changed anything at all since the beginning, so I'm reasonably sure it's not my config files. However, if necessary I can post them.

Thanks.

frugalmail
n00b

Joined: 05 Jun 2005
Posts: 1

Posted: Sun Jun 05, 2005 9:07 pm

Forgive me for jumping on your thread, but I'm having the same problem. Perhaps we can help each other out.

Changing the permissions on /dev/null did fix the first problem. I'd imagine that the security repercussions of exposing /dev/null are negligible, anybody have comments otherwise?

Now I also can not connect to the ldap server. Although one thing that hasn't been mentioned by the OP'er is the contents of /var/log/messages:
Code:

slapd[31275]: daemon: socket() failed errno=97 (Address family not supported by protocol)
slapd[31275]: bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December  3, 2003)                                          [ ok ]
slapd[31275]: bdb_db_init: Initializing BDB database
Jslapd[31282]: slapd starting


Am I missing something that should have installed?

lkarayan
n00b

Joined: 28 Mar 2005
Posts: 14

Posted: Sun Jun 05, 2005 9:16 pm

slapd is trying to start under ip6, edit /etc/conf.d/slapd and add "-4" to OPTS.

BinarySeed
n00b

Joined: 19 May 2005
Posts: 4

Posted: Tue Jun 07, 2005 11:14 pm

lkarayan, where do you add the -4?

Both of these didn't seem to fix my permissions issue.

OPTS="-h -4 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'"
OPTS="-h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock' -4"

log # /etc/init.d/slapd restart
* Stopping ldap-server... [ ok ]
* Starting ldap-server...
Can't open perl script "-e": Permission denied.
Use -S to search $PATH for it. [ ok ]

Any ideas?

converter
Apprentice

Joined: 24 Dec 2002
Posts: 163

Posted: Wed Jun 08, 2005 2:12 am

BinarySeed wrote:

log # /etc/init.d/slapd restart
* Stopping ldap-server... [ ok ]
* Starting ldap-server...
Can't open perl script "-e": Permission denied.
Use -S to search $PATH for it. [ ok ]

Any ideas?


The first thing you need to do is to fix the mode on /dev/null. Non-privileged users must be able to read from and write to /dev/null or many things will not work right.
_________________
converter

BinarySeed
n00b

Joined: 19 May 2005
Posts: 4

Posted: Wed Jun 08, 2005 3:29 pm

converter, I have run the following to change permissions to /dev/null. When starting the script I still have the same issues come up. I've looked online and it's not the easiest thing to find results for ;(

(chmod o+rw /dev/null)

daeghrefn
Tux's lil' helper

Joined: 02 Jan 2005
Posts: 112

Posted: Wed Jul 20, 2005 8:51 pm

It looks like my original problem was related to an upgrade to UDEV, and it hosed the permissions on /dev/null.

I also ran an update on the DB files, but I'm not sure if that had anything to do with it or not.

All times are GMT