<quote who="Howard Chu">
Gavin Henry wrote:
> Next one:
>
> [root@suretec openldap]# slaptest
> monitor_back_register_entry_attrs(""):
base="cn=databases,cn=monitor"
> scope=one
>
filter="(namingContexts:distinguishedNameMatch:=dc=suretecsystems,dc=com)":
> unable to find entry
>
> backend_startup_one: bi_db_open failed! (1)
> slap_startup failed (test would succeed using the -u switch)
Pretty sure you reported this in an ITS a while back. The monitor DB
defaults
to no anonymous read access. You need to define a rootDN for the monitor
DB so
that the registration functions can actually see the tree. (The
registration
ops try to run as the rootDN, but if none is set, that means a zero-length
DN,
i.e. anonymous.)
Ah, yes. That was for the translucent/rwm ticket I think.
I think this is a flaw in the design of these registration ops in
back-monitor,
they shouldn't depend on an actual Search operation to get their work
done. The
monitor code ought to be able to directly locate the entry corresponding
to a
given BackendDB pointer, and whatever lookup should not require filter or
ACL
evaluation.
I'm not qualified enough to comment yet....