Hello list,

When starting slapd when an lmdb backend in readonly mode is on a readonly filesystem, slapd fails to start with:

66c347f4.334226ce 0x7fc9c14ffb08 @(#) $OpenLDAP: slapd 2.6.6 (Oct 22 2023 00:57:15) $ 2024-08-19T09:26:12.865756736-04:00 openldap 
2024-08-19T09:26:12.875884302-04:00 66c347f4.342f703c 0x7fc9c14ffb08 olcDbDirectory: value #0: invalid path: Read-only file system 
2024-08-19T09:26:12.875912369-04:00 66c347f4.3430d2ab 0x7fc9c14ffb08 config error processing olcDatabase={1}mdb,cn=config: olcDbDirectory: value #0: invalid path: Read-only file system 
2024-08-19T09:26:12.875942620-04:00 66c347f4.3434526e 0x7fc9c14ffb08 slapd stopped. 2024-08-19T09:26:12.875950918-04:00 66c347f4.343518c7 0x7fc9c14ffb08 connections_destroy: nothing to destroy.

Is there something I can set to make it start even though the filesystem is readonly?  For reference, the slapd configuration is below:

dn: cn=config
objectClass: olcGlobal
cn: config
olcPidFile: /etc/openldap/scratch/run/slapd.pid
olcArgsFile: /etc/openldap/scratch/run/slapd.args
olcLogLevel: stats
olcAuthzPolicy: none
olcSecurity: ssf=0 tls=0 simple_bind=0 transport=0
olcReadOnly: FALSE

dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: to dn.base="" by * read
olcAccess: to dn.base="cn=Subschema" by * read


dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/openldap
olcModuleload: back_mdb.so
olcModuleload: back_ldap.so
olcModuleLoad: ppolicy

dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema

include: file:///etc/openldap/schema/core.ldif

include: file:///etc/openldap/schema/cosine.ldif

include: file:///etc/openldap/schema/inetorgperson.ldif

dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: to dn.base="cn=config" 
  by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
  by * read
olcAccess: to dn.subtree="cn=config"
  by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
  by * read
olcAccess: to * by * read

dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcSuffix: ou=data,dc=example,dc=com
olcRootDN: cn=root,ou=data,dc=example,dc=com
olcRootPW: <REDACTED>
olcReadOnly: TRUE
olcDbDirectory: /var/lib/openldap/data
olcAccess: to dn.base="ou=data,dc=example,dc=com" by * read
# Allow full read access for now for testing.
olcAccess: to dn.subtree="ou=data,dc=example,dc=com"
    by * read
olcLimits: * size=unlimited time=unlimited
olcDbMaxsize: 171798691840
olcDbIndex: objectClass eq,pres
olcDbIndex: entryUUID eq
olcDbIndex: entryCSN eq
olcDbIndex: cn eq

Thanks in advance.

Zach