On 1/5/19 2:38 AM, Ulrich Windl wrote:
Out of curiosity: Why are you rebuilding the database in a cron job?
Our LDAP is not the authorative data store. We generate LDIFs on the fly to feed to ldapmodify in a cron job. Once in a while that doesn't work - some error happens, or a change which the automatics don't cover. Then the cron job instead applies the change by building a fresh LDAP DB from a full generated LDIF.
Is it the inability of MDB to handle free space properly (i.e.: Your garbage collection)?
No, not relevant to this issue. Though yes, GC is a concern. And also, since I'm currently coding error handling, I want more intersting errors to handle than MDB can "deliver".
Second: Why do you start the new database under a new name? Why not move the current one under a new name, create the new one with the same (old) name, then force slapd to reopen the (new) database?
Then we'd have to stop slapd before moving the old DB, and slapd would need to stay down during slapadd. So instead we point a temporary config at a new dir, slapadd to that dir, and give the new dir to slapd.
The crude but safe and simple way is then indeed to stop slapd, rename the new dir into place, and restart slapd. Changing olcDbDirectory is nicer in that we do not need to stop slapd. But instead there we get a bunch of new possible error situations to handle. Automatically, when most of those situations smell "ask for human help".