(first post)
Hi guys
I am trying to set-up a pair of directory servers. Both of them run Ubuntu 8.04, which has OpenLDAP-2.4.9.
I started out with one server, configured that to suit my needs (store UNIX and smb accounts), which works fine. Next thing is to set-up a second 'slave' server.
After reading the docs, I decided to go for the syncrepl style replication for our micro tree. Everything seems to work fine. If I start the consumer it nicely pulls content from the provider.
Retrieving the whole tree with ldapsearch from both servers yields exactly the same ldif. Great.
However, if I now change something on my main server a.k.a. provider (f.i. change a password), the next time the consumers contacts the provider, the provider crashes:
root@ldap:/etc/ldap# slapd -f slapd.conf -g openldap -u openldap -d 15 [snip] *** glibc detected *** slapd: free(): invalid size: 0xb676ef08 *** ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6[0xb7c62a85] /lib/tls/i686/cmov/libc.so.6(cfree+0x90)[0xb7c664f0] /usr/lib/liblber-2.4.so.2(ber_memfree_x+0x4a)[0xb7f93b4a] /usr/lib/ldap/syncprov-2.4.so.2[0xb787619a] slapd(overlay_op_walk+0x34)[0x80da4e4] slapd[0x80daaf7] slapd(fe_op_search+0x313)[0x8078a73] slapd(do_search+0x777)[0x80792e7] slapd[0x807653f] slapd[0x8076c36] /usr/lib/libldap_r-2.4.so.2[0xb7fa4714] /lib/tls/i686/cmov/libpthread.so.0[0xb7d4b4fb] /lib/tls/i686/cmov/libc.so.6(clone+0x5e)[0xb7ccde5e] ======= Memory map: ======== Aborted
A slave server killing a master sort of defeats the whole purpose ;-)
Any ideas how to solve this?
If it makes any difference, here is the provider config:
include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/samba.schema pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args loglevel 4096 modulepath /usr/lib/ldap moduleload back_hdb moduleload syncprov sizelimit 5000 tool-threads 1 backend hdb database hdb suffix "dc=terena,dc=org" rootdn "cn=Replication,dc=terena,dc=org" directory "/var/lib/ldap" dbconfig set_cachesize 0 16777216 0 dbconfig set_lk_max_objects 1500 dbconfig set_lk_max_locks 1500 dbconfig set_lk_max_lockers 1500 index objectClass,entryCSN,entryUUID eq index cn pres,sub,eq index sn pres,sub,eq index uid pres,sub,eq index displayName pres,sub,eq index uidNumber eq index gidNumber eq index memberUid eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq index default sub lastmod on checkpoint 512 30 overlay syncprov syncprov-checkpoint 1 1 syncprov-sessionlog 100 access to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword by dn="cn=admin,dc=terena,dc=org" write by dn="cn=smbadmin,dc=terena,dc=org" read by dn="cn=syncrepl,dc=terena,dc=org" read by anonymous auth by self write by * none access to * by dn="cn=admin,dc=terena,dc=org" write by * read access to dn.base="" by * read
And here is the consumer config:
include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/samba.schema pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args loglevel 256 modulepath /usr/lib/ldap moduleload back_hdb sizelimit 500 tool-threads 1 backend hdb database hdb suffix "dc=terena,dc=org" rootdn "cn=Replication,dc=terena,dc=org" directory "/var/lib/ldap" dbconfig set_cachesize 0 2097152 0 dbconfig set_lk_max_objects 1500 dbconfig set_lk_max_locks 1500 dbconfig set_lk_max_lockers 1500 index objectClass,entryCSN,entryUUID eq access to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword by dn="cn=admin,dc=terena,dc=org" write by dn="cn=smbadmin,dc=terena,dc=org" read by anonymous auth by self write by * none access to * by dn="cn=admin,dc=terena,dc=org" write by * read access to dn.base="" by * read syncrepl rid=000 provider=ldap://ldap.terena.org:389 type=refreshOnly interval=00:00:00:60 retry="60 10 300 +" searchbase="dc=terena,dc=org" scope=sub attrs=* schemachecking=off bindmethod=simple binddn="cn=syncrepl,dc=terena,dc=org" credentials=hackme updateref ldap://ldap.terena.org:389