openldap-technical November 2012

openldap-technical@openldap.org

62 participants
68 discussions

Re: MSYS build and PCRE - Good news
by Anton Malov 27 Nov '12

27 Nov '12

I have described what am I doing at least 3 times. I am trying to build OpenLDAP using MinGW and MSYS packages from http://nuwen.net/mingw.html Configuration script tests for -lregex and -lgnuregex libraries, but beforementioned MinGW has PCRE precompiled to libpcre.a and libpcreposix.a May be you have installed PCRE on your system, but OpenLDAP was compiled using GNU regex or other POSIX regex library? On Mon, Nov 26, 2012 at 8:25 PM, Sergio NNX <sfhacker(a)hotmail.com> wrote: >> I am using MinGW distro from http://nuwen.net/mingw.html It states, that >> PCRE 8.31 is included which is the latest stable version for now >> http://pcre.org/ > > I've just built OpenLDAP 2.4.33 against PCRE 8.31 without any issues! > > Let me know how you're doing. > > Cheers.

1 0

Re: last login time
by Clément OUDOT 26 Nov '12

26 Nov '12

2012/11/14 Quanah Gibson-Mount <quanah(a)zimbra.com> > --On Wednesday, November 14, 2012 10:03 PM +0100 Clément OUDOT < > clem.oudot(a)gmail.com> wrote: > > Your OpenLDAP configuration will be compatible between 2.4.23 and 2.4.33. >> But LTB project install OpenLDAP in /usr/local, not in the default >> location, so you need to move your configuration in the new location. >> > > Why would they have to move the location of the configuration? The point > of the -F flag to slapd is that you can use a location of your choosing any > time you want to... > > Right. In LTB package, this can be done in /etc/default/slapd Clément.

4 15

Re: MSYS build and POSIX regex
by Anton Malov 26 Nov '12

26 Nov '12

On 26.11.2012 17:56, Sergio NNX wrote: > I agree with you it's outdated, but everybody is using it. It's also > mentioned on the OpenLDAP website. I can try with the PCRE libs on my > box. Can you send me the link to PCRE libs source code and which version > you have installed? I am using MinGW distro from http://nuwen.net/mingw.html It states, that PCRE 8.31 is included which is the latest stable version for now http://pcre.org/

1 0

Re: MSYS build and POSIX regex
by Anton Malov 26 Nov '12

26 Nov '12

On Fri, Nov 23, 2012 at 5:05 PM, Howard Chu <hyc(a)symas.com> wrote: > Only you can answer that. Read the config.log file and see what error > message was in it for the regfree test. As far as I can investigate the situation configure script tries to build following source to find regex library: | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char regfree (); | int | main () | { | return regfree (); | ; | return 0; | } There is 3 attempts to build it with or without various libraries: 1) cc -o conftest.exe -g -O2 conftest.c -lws2_32 >&5 C:\temp\temp\ccKv1vKc.o: In function `main': d:\MyProgram\kokoko\openldap-2.4.33/conftest.c:69: undefined reference to `regfree' 2) cc -o conftest.exe -g -O2 conftest.c -lregex -lws2_32 >&5 D:\Dev\mingw\bin/ld.exe: cannot find -lregex 3) cc -o conftest.exe -g -O2 conftest.c -lgnuregex -lws2_32 >&5 D:\Dev\mingw\bin/ld.exe: cannot find -lgnuregex But PCRE posix wrappers lives in libpcreposix.a. Is there any way to use pcre libraries (libpcreposix.a + libpcre.a) for openldap build? Should such behavior of configuration script be consifdered as bug?

1 0

Announcing MDB C++ wrapper
by ArtemGr 25 Nov '12

25 Nov '12

http://code.google.com/p/libglim/source/browse/trunk/mdb.hpp The wrapper adds Boost Serialization, iterators and triggers to the mix. Any serializable class can be used as a key or a value. Triggers can be used to maintain indexes. Notice that there is an MDB issue triggered when using this wrapper ( http://www.openldap.org/its/index.cgi?findid=7448 ), use at your own risk.

2 1

Re: slapd crashes with ch_realloc of X bytes failed
by Meike Stone 23 Nov '12

23 Nov '12

> >> Yes, not before January 2013 ... >> Hope after reorganization, slapd runs more stable... >> The only thing I can do for now. > > > It is highly unlikely that "reorganization" will change the overall > footprint of the slapd database. Yes, I see this now ... Id does not matter ... > Your best bet is to use tcmalloc with > slapd -- Just LD_PRELOAD it. But where to get, I use SLES11SP1 Thanks Meike

2 1

Re: slapd crashes with ch_realloc of X bytes failed
by Meike Stone 23 Nov '12

23 Nov '12

> >> I'm afraid to increase the cachesize in DB_CONFIG: > > > ch_realloc means the system ran out of memory. Increasing the DB_CONFIG > cachesize will run you out of memory more quickly. I'm sitting JUST NOW in front of the LDAP Server and slapcat/slapadd the database to reorganize .. (database is almost 4 years old) 2 hours ago, booth servers crashed again ... I can't belief, that 16G RAM not enough for 1500000 entires/objects ... I need about 5G for set_cache_size (DB_CONFIG) and the other RAM (11G) is for shared memory and the other caches (cachesize, dncachesize, idlcachesize). How much need the three caches? And if to less cache, the machines should run slower, but not run out of memory? > > The best thing for you to do would be to upgrade to OpenLDAP 2.4.33 and > switch to using back-mdb. Softwareupdate is possible not before january 2013. I was wrong with the version, we use 2.4.31 I'm looking to mdb since a few month, but is it usable for production? > > If you are not capable of doing that, I would suggest you use tcmalloc as an > alternative memory allocator to glibc, and reduce your entry cachesize and > idlcachesize. If you can reclaim enough space, you should increase your > DB_CONFIG cachesize, as that is the most important element of performance > with back-bdb/hdb. Yes, not before january 2013 ... Hope after reorganization, slapd runs more stable... The only thing I can do for now. Thanks Meike

2 1

slapd crashes with ch_realloc of X bytes failed
by Meike Stone 23 Nov '12

23 Nov '12

Hello, since a short time, my slapd crashes often. I have two servers running in MM replication. I use openldap version 2.4.30 (for updates are only dedicated timeslots...) The loglevel is set to 256 I see some strange messages in my log before the slapd crashes: "ch_realloc of 986032 bytes failed" --- "ch_malloc of 294896 bytes failed" --- "bdb(ou=root): txn_checkpoint: failed to flush the buffer cache: Cannot allocate memory" --- "ch_malloc of 34159 bytes failed" What does they mean, how can I solve this problem The System has 16GByte RAM, no other service is running there. The Database size is about 1500000 entires and the size of the ldif is about 2Gbyte Because of the memory messages, I reduced the cachesize 1000000 dncachesize 1000000 idlcachesize 3000000 to cachesize 750000 dncachesize 750000 idlcachesize 2250000 but the problem exist still again. I can't believe, that the memory is insufficient. Sysstat is running, and I see enough cache memory (about 5GByte all time), and the Swap (2GByte) is almost not used (about 2MByte). vm.swappiness is set to default (60), so the Swap should used more before the memory is running out. OOM Kill is enabled via SYSRQ (signalling of processes), so slapd should terminated by the kernel ... My configuration: == DB_CONFIG ================================== set_cachesize 2 0 1 set_lg_regionmax 262144 set_lg_bsize 2097152 set_flags DB_LOG_AUTOREMOVE == slapd.conf ================================== include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/yast.schema include /etc/openldap/schema/rfc2307bis.schema pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args modulepath /usr/lib/ldap moduleload back_bdb moduleload syncprov moduleload back_monitor sizelimit -1 timelimit 300 disallow bind_anon require authc gentlehup on tool-threads 8 serverID <001|002> database bdb suffix "ou=demo" rootdn "cn=admin" directory /var/lib/ldap loglevel 256 cachesize 750000 dncachesize 750000 idlcachesize 2250000 cachefree 500 dirtyread dbnosync shm_key 7 checkpoint 4096 15 index objectClass,entryUUID,entryCSN eq index cn eq,sub index ... own indexes syncrepl rid=<001|002> provider=ldap://master-<01|02> type=refreshAndPersist keepalive=360:10:5 retry="5 5 300 +" searchbase="ou=demo" attrs="*,+" overlay syncprov mirrormode TRUE syncprov-checkpoint 100 5 database monitor ========================================== (I know, dirtyread and dbnosync are not recommended..) Additional I see messages like: "bdb_idl_delete_key: c_del id failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30995)" Should I care about it? Thanks Meike

3 4

OpenLDAP 2.4.32 back_sql Oracle 10 - error executing at_query (?)
by Barros, Nuno Alexandre Freire, Vodafone Portugal 23 Nov '12

23 Nov '12

Hi. I'm having trouble against an Oracle 10 database using: - Solaris 10 Sparc - OpenLDAP 2.4.32 - unixODBC 2.2.14 - Oracle Instant Client 10.2.0.5.0 I get this errors: 50ae749e backsql_oc_get_attr_mapping(): error executing at_query "SELECT name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_r eturn,sel_expr_u FROM ldap_attr_mappings WHERE oc_map_id=?" for objectClass "inetOrgPerson" with param oc_id=1 50ae749e Return code: -1 50ae749e <==backsql_load_schema_map() 50ae749e backsql_db_open(): schema mapping failed, exiting 50ae749e backend_startup_one (type=sql, suffix="app=contentfilter,ou=app,ou=vodafone-pt,c=pt,o=vodafone"): bi_db_open failed! (1) when I use this configuration file: bash-3.2# cat ldap.conf # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/conf/inetorgperson.schema pidfile /app/users/ldap/slapd.pid argsfile /app/users/ldap/slapd.args idletimeout 0 threads 32 timelimit 5 modulepath /opt/csw/libexec/openldap moduleload back_sql.la ####################################################################### # sql database definitions ####################################################################### database sql suffix "app=contentfilter,ou=app,ou=vodafone-pt,c=pt,o=vodafone" rootdn "vfsid=root,app=contentfilter,ou=app,ou=vodafone-pt,c=pt,o=vodafone" rootpw cu906B2H04cNE #dbname ORACLE10_FREE dbname ORACLE10 dbuser EREXTENSION dbpasswd ERSINPRD subtree_cond "UPPER(ldap_entries.dn) LIKE CONCAT('%',UPPER(?))" insentry_stmt "INSERT INTO ldap_entries (id,dn,oc_map_id,parent,keyval) VALUES (ldap_entry_ids.nextval,?,?,?,?)" upper_func UPPER has_ldapinfo_dn_ru no readonly on access to * by dn="vfsid=root,app=contentfilter,ou=app,ou=vodafone-pt,c=pt,o=vodafone" read by users read by * auth So I added this line to ldap.conf (oc_map_id=1 instead of oc_map_id=?) and this way I'm able to start LDAP: at_query "SELECT name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_r eturn,sel_expr_u FROM ldap_attr_mappings WHERE oc_map_id=1" But then I get other issues related to the character "?" for example I'm unable to get results from the database if I use that character: 50afc6d1 backsql_get_attr_vals(): error executing attribute count query 'SELECT COUNT(*) FROM accounts,customer_attributes_values_t WHERE accounts.id=? AND customer_attributes_values_t.account_id=accounts.id and customer_attributes_values_t.attribute_id = 83' 50afc6d1 Return code: -1 50afc6d1 backsql_get_attr_vals(): error executing attribute count query 'SELECT COUNT(*) FROM ldap_entry_objclasses,ldap_entries,accounts WHERE accounts.id=? AND ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entries.keyval=accounts.id and ldap_entries.oc_map_id=1' 50afc6d1 Return code: -1 Strange thing is that I have other machine which I'm migrating that works fine against same Oracle database but it uses: - Solaris 9 - OpenLDAP 2.3.24 - unixODBC 2.2.12 - Oracle Instant Client 10.2.0.3.0 I may try to downgrade to the "working" versions of unixODBC and Oracle Instant Client but I prefer to keep the ones I installed in the new machine. Same thing regarding OpenLdap version. Anyway I would like to understand the issue I'm facing instead of changing versions of software. Does someone know (and understand) what's going on with this? Thanks, Nuno Barros

1 0

MSYS build and POSIX regex
by Anton Malov 23 Nov '12

23 Nov '12

Trying to build openldap with msys and mingw using distribution from http://nuwen.net/mingw.html The problem is the configure script can not find regex library and provides following output: checking for regex.h... yes checking for library containing regfree... no configure: error: POSIX regex required. But the distribution contains precompiled pcre library and regex.h contains regfree function declaration. What is going wrong?

2 1

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

openldap-technical November 2012