(ITS#6671) multi-master replication fails to delete objects from consumer - openldap-bugs

12 Oct 2010


      Full_Name: Barry Colston
Version: 2.4.23
OS: Fedora 10
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (209.255.208.200)
When a "Refresh Present" phase is performed at a multi-master consumer, objects
that were deleted at the provider
while the consumer was down are not deleted from the multi-master consumer (if
the provider is brought down and back up after the consumer is down).  This
problem can be duplicated as follows:
1. Start provider
2. Start consumer, which is configured as a multi-master server
3. Add 10 records to the provider and wait until the records are replicated to
the multi-master consumer
4. Stop the consumer
5. Delete 3 of the records that were added to the provider
6. Stop the provider
7. Start the provider
8. Start the consumer
9. After giving the consumer time to perform the refresh present phase, the 3
records that were deleted at the provider while the consumer was down
   are still present on the consumer and were not deleted during the refresh
present phase
Note: the consumer database must have a contextCSN attribute value present for
itself (e.g., there should be 2 contextCSN attribute values
present in the consumer database, one for the provider (in my configuration,
this is serverID 000), and one value for the consumer
(in my configuration, this is serverID 001).  An example of the contextCSN
values follows:
dn: dc=authentx
objectClass: top
entryUUID: 8eb6b259-ab66-49bd-b012-674c4f0fba8f
contextCSN: 20101012154030.379053Z#000000#000#000000
contextCSN: 20101012141508.956053Z#000000#001#000000
OpenLDAP 2.4.23 is being used, along with Berkeley 4.6.21 (plus patches).
Consumer log file from -d sync logging option:
@(#) $OpenLDAP: slapd 2.4.23 (Oct 11 2010 18:00:59) $
    Barry@XTecVisaAdmin:/usr/src/openldap-2.4.23/servers/slapd
slapd starting
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_PRESENT
do_syncrep2: rid=001
cookie=rid=001,csn=20101012180219.072053Z#000000#000#000000
slap_queue_csn: queing 0x1841a30 20101012180219.072053Z#000000#000#000000
slap_graduate_commit_csn: removing 0x1841b18
20101012180219.072053Z#000000#000#000000
daemon: shutdown requested and initiated.
slapd shutdown: waiting for 1 operations/tasks to finish
slapd stopped.
Provider slapd.conf file:
#
include		/usr/local/etc/openldap/schema/core.schema
include		/usr/local/etc/openldap/schema/cosine.schema
include		/usr/local/etc/openldap/schema/inetorgperson.schema
include		/usr/local/etc/openldap/schema/nis.schema
include		/usr/local/etc/openldap/schema/authentx.schema
pidfile		/usr/local/var/slapd.sync1.pid
argsfile	/usr/local/var/slapd.sync1.args
allow	bind_v2
threads	32
#loglevel	416
password-hash	{SSHA}
serverID 000
database	bdb
suffix		"dc=authentx"
rootdn          "cn=xroot,dc=authentx"
rootpw          SECRET
directory	/authentx/db/ldap/authentx-sync1
overlay syncprov
syncprov-checkpoint 100 15
syncprov-sessionlog 150000
# checkpoint <kbytes> <min>
checkpoint      128     20
#index for the objectclass
index		objectClass			eq,pres
index		cid,eid,pid			eq,pres
index		gcoid				eq,pres
index		sysid,certid		eq,pres
index		imageid,bioid		eq,pres
index		addrid,emplid		eq,pres
index		acid,apid,aeid		eq,pres
index		acpid,agpid			eq,pres
index		deviceid			eq,pres
index		qid					eq,pres
index		scid				eq,pres
index		docid				eq,pres
index		procid				eq,pres
index		prochandlerid		eq,pres
index		ounit				eq,pres
index		credentials			eq,pres
index		entities			eq,pres
index		permissions			eq,pres
index		region				eq,pres
index		aliasedObjectName	eq,pres
index		proctype			eq,pres
index		procname			eq,pres
index		status				eq,pres
index		upi,ediident		eq,pres
index		xsync				eq,pres
index		role,xrole			eq,pres
index		eroid				eq,pres
index		esfunction			eq,pres
index		nippsector			eq,pres
index		ercog,ercoop		eq,pres
index		eropron				eq,pres
index		xsyncid				eq,pres
index		stockid				eq,pres
index		stocktypecode		eq,pres
index		lotserialin			eq,pres
index		lotserialout		eq,pres
index		entryCSN,entryUUID	eq
index		incl				eq,pres
cachesize		10000
dncachesize		20000
idlcachesize	1000
sizelimit	500000
timelimit	36000
include		/usr/local/etc/openldap/acl.authentx
database monitor
Consumer slapd.conf file:
#
include		/usr/local/etc/openldap/schema/core.schema
include		/usr/local/etc/openldap/schema/cosine.schema
include		/usr/local/etc/openldap/schema/inetorgperson.schema
include		/usr/local/etc/openldap/schema/nis.schema
include		/usr/local/etc/openldap/schema/authentx.schema
pidfile		/usr/local/var/slapd.sync2.pid
argsfile	/usr/local/var/slapd.sync2.args
allow	bind_v2
threads	32
#loglevel	416
password-hash	{SSHA}
serverID 001
database	bdb
suffix		"dc=authentx"
rootdn          "cn=xroot,dc=authentx"
rootpw          SECRET
directory	/authentx/db/ldap/authentx-sync2
overlay syncprov
syncprov-checkpoint 100 15
syncprov-sessionlog 5000
# SLAVE server replication section
syncrepl	rid=001
    provider=ldap://localhost:3891
    type=refreshAndPersist
    retry="30 60 60 +"
    searchbase="dc=authentx"
    scope=sub
    schemachecking=off
    bindmethod=simple
    binddn="cn=xroot,dc=authentx"
    credentials="SECRET"
mirrormode on
# checkpoint <kbytes> <min>
checkpoint      128     20
#index for the objectclass
index		objectClass			eq,pres
index		cid,eid,pid			eq,pres
index		gcoid				eq,pres
index		sysid,certid		eq,pres
index		imageid,bioid		eq,pres
index		addrid,emplid		eq,pres
index		acid,apid,aeid		eq,pres
index		acpid,agpid			eq,pres
index		deviceid			eq,pres
index		qid					eq,pres
index		scid				eq,pres
index		docid				eq,pres
index		procid				eq,pres
index		prochandlerid		eq,pres
index		ounit				eq,pres
index		credentials			eq,pres
index		entities			eq,pres
index		permissions			eq,pres
index		region				eq,pres
index		aliasedObjectName	eq,pres
index		proctype			eq,pres
index		procname			eq,pres
index		status				eq,pres
index		upi,ediident		eq,pres
index		xsync				eq,pres
index		role,xrole			eq,pres
index		eroid				eq,pres
index		esfunction			eq,pres
index		nippsector			eq,pres
index		ercog,ercoop		eq,pres
index		eropron				eq,pres
index		xsyncid				eq,pres
index		stockid				eq,pres
index		stocktypecode		eq,pres
index		lotserialin			eq,pres
index		lotserialout		eq,pres
index		entryCSN,entryUUID	eq
index		incl				eq,pres
cachesize		10000
dncachesize		20000
idlcachesize	1000
sizelimit	100000
timelimit	36000
# the authentx database access control directives
include		/usr/local/etc/openldap/acl.authentx
database monitor