| View previous topic :: View next topic |
| Author |
Message |
Lynggaard
n00b
Joined: 01 Feb 2003
Posts: 22
|
 Posted: Wed Feb 12, 2003 10:16 pm Post subject: Problems starting and stopping openLDAP |
 |
|
I'm having problems starting and stopping OpenLDAP.
I have just emerged openLDAP 2.0.27-r2
running /etc/init.d/slapd start gives me
" * Starting ldap-server...
/etc/openldap/slapd.conf: Permission denied
touch: creating `/var/state/openldap/slapd.pid': No such file or directory
chown: failed to get attributes of `/var/state/openldap/slapd.pid': No such file or directory [ !! ]
"
then I did the following
* created the folder /var/state/openldap
* chgrp ldap /var/state/openldap
* chgrp -R ldap /etc/openldap
Now it starts, but it won't stop, instaed it gives
* Stopping ldap-server... [ !! ]
and trying a /etc/init.d/slapd gives me a server allready started
what have I done wrong ? |
|
| Back to top |
|
 |
rojaro
l33t
Joined: 06 May 2002
Posts: 732
|
| Posted: Mon Feb 17, 2003 4:59 am Post subject: |
|
|
hi lynggaard,
you didn't do anything wrong - i just tumbled over the same problem, but found the reason and a solution. it seems whoever made the ebuild messed up with the default config file and the init script.
if you have slapd running - shut it down by running "killall -INT slapd".
create a directory /var/run/openldap as root
edit the /etc/openldap/slapd.conf file and search for these two lines:
| Code: | pidfile /var/lib/slapd.pid
argsfile /var/lib/slapd.args |
and change them into the following
| Code: | pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args |
now open the slapd initscript (/etc/init.d/slapd) and change the pidfile parameter into "/var/run/openldap/slapd.pid" in the start and the stop functions.
now delete the /var/lib/slapd.pid and /var/lib/slapd.args files and also those directories you've made. then run /etc/init.d/slapd zap to notify the rc script that openldap isnt running anymore.
now you should be able to start and stop slapd as usual.
_________________
A mathematician is a machine for turning coffee into theorems. ~ Alfred Renyi (*1921 - †1970) |
|
| Back to top |
|
|
flowctrl
n00b
Joined: 18 May 2003
Posts: 53
Location: Banff, Canada
|
| Posted: Wed Jun 18, 2003 1:37 am Post subject: |
|
|
| rojaro wrote: | hi lynggaard,
you didn't do anything wrong - i just tumbled over the same problem, but found the reason and a solution. it seems whoever made the ebuild messed up with the default config file and the init script.
if you have slapd running - shut it down by running "killall -INT slapd".
create a directory /var/run/openldap as root
edit the /etc/openldap/slapd.conf file and search for these two lines:
| Code: | pidfile /var/lib/slapd.pid
argsfile /var/lib/slapd.args |
and change them into the following
| Code: | pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args |
now open the slapd initscript (/etc/init.d/slapd) and change the pidfile parameter into "/var/run/openldap/slapd.pid" in the start and the stop functions.
now delete the /var/lib/slapd.pid and /var/lib/slapd.args files and also those directories you've made. then run /etc/init.d/slapd zap to notify the rc script that openldap isnt running anymore.
now you should be able to start and stop slapd as usual. |
Thanks, rojaro. Note also that you may also have to:
| Code: | rm /var/lib/init.d/started/slapd
|
--
http://oss.netmojo.ca |
|
| Back to top |
|
|
denic
Apprentice
Joined: 04 Aug 2002
Posts: 168
|
| Posted: Fri Jun 27, 2003 8:04 am Post subject: |
|
|
Hi,
I get the same error.
But your instruction to remove the error did not work for me. |
|
| Back to top |
|
|
Rhysem
Tux's lil' helper
Joined: 18 Dec 2002
Posts: 76
|
| Posted: Fri Jun 27, 2003 11:42 pm Post subject: |
|
|
| I had the same problem -- slapd is running as user/group ldap which doesn't have permission to write to the (now created by the ebuild) /var/run/openldap directory. That's cause /var/run/openldap is owned by root. Chown it to ldap.ldap and it then will start. (for me at least) |
|
| Back to top |
|
|
drzero
n00b
Joined: 06 Oct 2002
Posts: 50
Location: Denmark
|
| Posted: Thu Jul 17, 2003 11:24 am Post subject: |
|
|
I have a similar problem, with openldap 2.0.27-r4 I can only get it to start if I make it run as root by changing:
| Code: | | eval start-stop-daemon --start --quiet --pidfile /var/run/openldap/slapd.pid --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}" |
into:
| Code: | | eval start-stop-daemon --start --quiet --pidfile /var/run/openldap/slapd.pid --exec /usr/lib/openldap/slapd -- "${OPTS}" |
I have tried lots of stuff, I even tried stracing it and it seems that it isn't allowed to listen to the ldap port because it is below 1024 and I can't remember how I can give the ldap user permission to use a port below 1024. Can anybody enlighten me? |
|
| Back to top |
|
|
drzero
n00b
Joined: 06 Oct 2002
Posts: 50
Location: Denmark
|
| Posted: Fri Jul 25, 2003 12:53 pm Post subject: |
|
|
I have it working now, it turns out /var/lib/openldap-ldbm/* was owned by root. A quick chown ldap.ldap fixed it so that slapd can start as user ldap now!  |
|
| Back to top |
|
|
pyro-x
n00b
Joined: 06 Jan 2003
Posts: 31
|
| Posted: Wed Sep 10, 2003 10:58 pm Post subject: |
|
|
Same problem here with openldap version 2.0.27-r4
But i fixed it doing a:
| Code: | | chown ldap: /etc/openldap/slapd.conf |
I don't know if it was broken before, or if i broke it when i created that file, but it seems /etc/init.d/slapd couldn't read it because it starts as user ldap. Well it seems this fixed it.
Cheers,
Pyro-X |
|
| Back to top |
|
|
tecknojunky
Veteran
Joined: 19 Oct 2002
Posts: 1937
Location: Montréal
|
| Posted: Thu Sep 25, 2003 8:20 pm Post subject: |
|
|
Similar problem here, /etc/init.d/slapd start gives [!!].
Everything mentionned in this thread seem to be already configured properly on my system. The only thing that could be problematic is that not all files in /etc/openldap are own by group ldap, but I'm afraid to mess with this and get a unsecure system.
| Code: | openldap # ls -l
total 82
-rw-r--r-- 1 root root 397 Sep 25 15:34 ldap.conf
-rw-r--r-- 1 root root 337 Aug 9 01:48 ldap.conf.default
-rw-r--r-- 1 root root 3122 Aug 9 01:48 ldapfilter.conf
-rw-r--r-- 1 root root 3122 Aug 9 01:48 ldapfilter.conf.default
-rw-r--r-- 1 root root 5043 Aug 9 01:48 ldapsearchprefs.conf
-rw-r--r-- 1 root root 5043 Aug 9 01:48 ldapsearchprefs.conf.default
-rw-r--r-- 1 root root 16452 Aug 9 01:48 ldaptemplates.conf
-rw-r--r-- 1 root root 16452 Aug 9 01:48 ldaptemplates.conf.default
drwxr-xr-x 2 root root 712 Aug 9 01:48 schema
-rw-r----- 1 root ldap 2227 Sep 25 15:37 slapd.conf
-rw-r----- 1 root ldap 1790 Aug 9 01:48 slapd.conf.default
drwxr-xr-x 2 root root 104 Aug 9 01:48 ssl
|
It would help if the init scripts would print the error messages instead of just !!.
_________________
(7 of 9) Installing star-trek/species-8.4.7.2::talax. |
|
| Back to top |
|
|
|
Networking & Security
