Hi,
We are running the standard openldap-2.2.13 and Berkeley DB 4.2.52 packages on a RHEL 4 server.
Every few weeks, the LDAP service will stop responding to queries, updates etc. The service is still running etc. but it never responds to requests.
The only way to resolve the issue is to stop ldap, run db_recover and then start it again. This is in our test environment (it has happened 4 times recently) but we are looking to go into production soon.
Has anyone experience similar issues on RHEL 4 or have any idea how to prevent this from occurring?
There wasn't anything of note in the logs before the service stopped responding (loglevel 256). I restarted the service (without running db_recover) with loglevel -1. Still had the same unresponsive service, but noticed this in the logs.
Jan 15 12:01:51 linuxtest3 slapd[18755]: daemon: activity on 1 descriptors Jan 15 12:01:51 linuxtest3 slapd[18755]: daemon: new connection on 9 Jan 15 12:01:51 linuxtest3 slapd[18755]: conn=0 fd=9 ACCEPT from IP=136.186.226.57:43999 (IP=0.0.0.0:389) Jan 15 12:01:51 linuxtest3 slapd[18755]: daemon: added 9r Jan 15 12:01:51 linuxtest3 slapd[18755]: daemon: activity on: Jan 15 12:01:51 linuxtest3 slapd[18755]: Jan 15 12:01:51 linuxtest3 slapd[18755]: daemon: select: listen=6 active_threads=0 tvp=NULL Jan 15 12:01:51 linuxtest3 slapd[18755]: daemon: activity on 1 descriptors Jan 15 12:01:51 linuxtest3 slapd[18755]: daemon: activity on: Jan 15 12:01:51 linuxtest3 slapd[18755]: 9r Jan 15 12:01:51 linuxtest3 slapd[18755]: Jan 15 12:01:51 linuxtest3 slapd[18755]: daemon: read activity on 9 Jan 15 12:01:51 linuxtest3 slapd[18755]: connection_get(9) Jan 15 12:01:51 linuxtest3 slapd[18755]: connection_get(9): got connid=0 Jan 15 12:01:52 linuxtest3 slapd[18755]: connection_read(9): checking for input on id=0 Jan 15 12:01:52 linuxtest3 slapd[18755]: ber_get_next on fd 9 failed errno=11 (Resource temporarily unavailable) Jan 15 12:01:52 linuxtest3 slapd[18755]: do_bind Jan 15 12:01:52 linuxtest3 slapd[18755]: daemon: select: listen=6 active_threads=0 tvp=NULL Jan 15 12:01:52 linuxtest3 slapd[18755]: >>> dnPrettyNormal: <cn=bob,dc=swin,dc=edu,dc=au> Jan 15 12:01:52 linuxtest3 slapd[18755]: <<< dnPrettyNormal: <cn=bob,dc=swin,dc=edu,dc=au>, <cn=bob,dc=swin,dc=edu,dc= au> Jan 15 12:01:52 linuxtest3 slapd[18755]: do_bind: version=3 dn="cn=bob,dc=swin,dc=edu,dc=au" method=128 Jan 15 12:01:52 linuxtest3 slapd[18755]: conn=0 op=0 BIND dn="cn=bob,dc=swin,dc=edu,dc=au" method=128 Jan 15 12:01:52 linuxtest3 slapd[18755]: ==> bdb_bind: dn: cn=bob,dc=swin,dc=edu,dc=au Jan 15 12:01:52 linuxtest3 slapd[18755]: bdb_dn2entry("cn=bob,dc=swin,dc=edu,dc=au") Jan 15 12:01:52 linuxtest3 slapd[18755]: => bdb_dn2id( "dc=swin,dc=edu,dc=au" ) Jan 15 12:01:52 linuxtest3 slapd[18755]: <= bdb_dn2id: got id=0x00000006 Jan 15 12:01:52 linuxtest3 slapd[18755]: => bdb_dn2id( "cn=bob,dc=swin,dc=edu,dc=au" ) Jan 15 12:01:52 linuxtest3 slapd[18755]: <= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-3099 0)
thanks,
Daniel
--On Wednesday, January 16, 2008 11:12 AM +1100 Daniel Buttigieg dbuttigieg@swin.edu.au wrote:
Hi,
We are running the standard openldap-2.2.13 and Berkeley DB 4.2.52 packages on a RHEL 4 server.
The current OpenLDAP release is OpenLDAP 2.4.7. Your release is years out of date and thousands of bug fixes behind.
Please note that the packages "provided" by redhat are not to be used for running an OpenLDAP server. They are installed for the client libraries so that other ldap aware utilities can use them. Using the RH provided packages puts your data at extreme risk.
If you wish to use OpenLDAP on RHEL, I highly advise that you use the packages provided by Symas (http://www.symas.com) or by Buchan Milne (http://staff.telkomsa.net/packages/).
As a side note, 2.2.13 was a very early 2.2 release, and known to have many problems fixed later in the 2.2 series. I also highly doubt that the version of BDB 4.2.52 shipped with RH has the required BDB patches.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
Quanah Gibson-Mount wrote:
--On Wednesday, January 16, 2008 11:12 AM +1100 Daniel Buttigieg dbuttigieg@swin.edu.au wrote:
Hi,
We are running the standard openldap-2.2.13 and Berkeley DB 4.2.52 packages on a RHEL 4 server.
The current OpenLDAP release is OpenLDAP 2.4.7. Your release is years out of date and thousands of bug fixes behind.
Please note that the packages "provided" by redhat are not to be used for running an OpenLDAP server. They are installed for the client libraries so that other ldap aware utilities can use them. Using the RH provided packages puts your data at extreme risk.
If you wish to use OpenLDAP on RHEL, I highly advise that you use the packages provided by Symas (http://www.symas.com) or by Buchan Milne (http://staff.telkomsa.net/packages/).
As a side note, 2.2.13 was a very early 2.2 release, and known to have many problems fixed later in the 2.2 series. I also highly doubt that the version of BDB 4.2.52 shipped with RH has the required BDB patches.
--Quanah
I think we should have an auto parser for any e-mail that contains 2.2, RHEL or Red Hat and send out this response ;-)
On Wednesday 16 January 2008 02:12:05 Daniel Buttigieg wrote:
Hi,
We are running the standard openldap-2.2.13 and Berkeley DB 4.2.52 packages on a RHEL 4 server.
Either get Red Hat to support what they have provided you with, or upgrade to something that the people on this list are prepared to support. 2.3.39 (hopefully I'll find time for 2.3.40 this week) or 2.4.7 available packaged such that they will not affect any other packages (or each other) are available here:
http://staff.telkomsa.net/packages/
Regards, Buchan
openldap-software@openldap.org
-
Buchan Milne -
Daniel Buttigieg -
Gavin Henry -
Quanah Gibson-Mount