All,

 

I just restarted with the group, and the OpenLDAP software has not been upgraded – currently 2.4.23 (that will be coming…hopefully).  Anyway, an issue that was brought to my attention upon starting was that slapd needs to be restarted daily.  It is still running, it just stops responding (no one can log in).  Nothing has, previously, been found in the logs.  The other day, during my initial search through the slapd logs I found:

 

conn=1144 op=1 SRCH attr=automountKey automountInformation

<= bdb_equality_candidates: (automountKey) not indexed

<= bdb_equality_candidates: (automountKey) not indexed

<= bdb_equality_candidates: (automountKey) not indexed

 

Which I added “olcDbIndex: automountKey eq” to the cn=config/olcDatabase={1}bdb.ldif.  Took care of that one.  But, under further investigation I am finding this, repeatedly (for slapcat, slapd, and others):

 

Dec  5 00:00:02 server_name slapcat: unable to dlopen /usr/lib/sasl2/libanonymous.so.2: /usr/lib/sasl2/libanonymous.so.2: wrong ELF class: ELFCLASS32

Dec  5 00:00:02 server_name slapcat: unable to dlopen /usr/lib/sasl2/libplain.so.2: /usr/lib/sasl2/libplain.so.2: wrong ELF class: ELFCLASS32

Dec  5 00:00:02 server_name slapcat: unable to dlopen /usr/lib/sasl2/libsasldb.so.2: /usr/lib/sasl2/libsasldb.so.2: wrong ELF class: ELFCLASS32

Dec  5 00:00:02 server_name slapcat: unable to dlopen /usr/lib/sasl2/liblogin.so.2: /usr/lib/sasl2/liblogin.so.2: wrong ELF class: ELFCLASS32

Dec  5 02:00:02 server_name setroubleshoot: SELinux is preventing sendmail (system_mail_t) "read" to libsasl2.so.2 (usr_t). For complete SELinux messages. run sealert -l c4516acc-2dde-4dca-973e-86cd6686ee9f

Dec  5 02:30:02 server_name setroubleshoot: SELinux is preventing sendmail (system_mail_t) "read" to libsasl2.so.2 (usr_t). For complete SELinux messages. run sealert -l c4516acc-2dde-4dca-973e-86cd6686ee9f

Dec  5 02:31:08 server_name tar: nss-ldap: do_open: do_start_tls failed:stat=-1

 

Not sure why it should even been trying to use the these lib files, as one, we are not using SASL.  Looking at “ldd slapd” it is seeing only 64-bit libraries.

 

Anyone have any suggestions?

 

 

 

John D. Borresen (Dave)

Linux/Unix Systems Administrator

MIT  Lincoln Laboratory

Surveillance Systems Group

244 Wood St

Lexington, MA  02420

Ph: (781) 981-1609

Email: john.borresen@ll.mit.edu