Hello
Am using OpenLDAP 'openldap-2.4.31' on debian. I have configured syncrepl .Everything work’s normal. But frequently am getting below Error. The log file ownership is getting changed any one of the node automatically .
here is the Error From syslog.
Mar 29 12:14:26 xxx slapd[29405]: conn=5774 op=40651 SEARCH RESULT tag=101 err=0 nentries=1 text=
Mar 29 12:14:29 xxx slapd[29405]: bdb(dc=xxx,dc=xxx,dc=xxx): /var/lib/ldap/xxx/log.0000000883:
log xxxle unreadable: Permission denied
Mar 29 12:14:29 xxx slapd[29405]: bdb(dc=xxx,dc=xxx,dc=xxx): PANIC: Permission denied
Mar 29 12:14:29 xxx slapd[29405]: bdb(dc=xxx,dc=xxx,dc=xxx): DB_ENV->log_newfh: 883: DB_RUNRECOVERY: Fatal error, run database recovery
Mar 29 12:14:29 xxx slapd[29405]: bdb(dc=xxx,dc=xxx,dc=xxx): txn_checkpoint: log failed at LSN [883 68682]: DB_RUNRECOVERY: Fatal error, run database recovery
Mar 29 12:14:30 xxx slapd[29405]: conn=5774 op=40652 SRCH base="" scope=0 deref=3 xxxlter="(objectClass=*)"
Mar 29 12:14:30 xxx slapd[29405]: conn=5774 op=40652 SRCH attr=objectclass
Any idea what is going wrong here?
LDAP is running as below user .
openldap:x:106:108:OpenLDAP Server Account,,,:/var/lib/ldap:/bin/false
$ id openldap uid=106(openldap) gid=108(openldap) groups=108(openldap)
I dont find any logs for open file issue.But still i pasted below settings. open file limit settings
openldap soft nofile 65536 openldap hard nofile 65536
slapd.conf settings
loglevel sync stats modulepath /usr/lib/ldap moduleload back_hdb moduleload syncprov sizelimit 500 tool-threads 8 threads 16 backend hdb database hdb monitoring on cachesize 50000 idlcachesize 50000 directory "/var/lib/ldap/account" dbconfig set_cachesize 0 167772160 0 dbconfig set_lk_max_objects 1500 dbconfig set_lk_max_locks 1500 dbconfig set_lk_max_lockers 1500 index objectClass,snAccount,snEnabled,entryCSN,entryUUID eq index cn eq,pres,subany lastmod on checkpoint 5120 30 access to dn.base="" by * read syncrepl rid=001 provider=ldap://xx.xx.xxx.xxx bindmethod=simple binddn="cn=xxx,ou=administrators,dc=test,dc=IN" credentials=xxx searchbase="dc=account,dc=test,dc=IN" schemachecking=on type=refreshAndPersist retry="10 +" mirrormode on overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 10000
Br/Prashanth