Thanks for the reply, Howard.

Thanks for pointing me in the right direction.  From what I have read there are two options.

1) Copy /usr/share/openldap-servers/DB_CONFIG.example to /var/lib/domain then rebuild the database.
2) Enable checkpointing in slapd.conf

Does enabling checkpointing in slapd.conf require rebuilding the database or can I simply restart slapd.conf?  We are not using online configuration.

Best
Doug



Thanks,

Douglas Duckworth, MSc, LFCS
HPC System Administrator
Scientific Computing Unit
Physiology and Biophysics
Weill Cornell Medicine
E: doug@med.cornell.edu
O: 212-746-6305
F: 212-746-8690

On Fri, Aug 25, 2017 at 8:55 AM, Howard Chu <hyc@symas.com> wrote:
Douglas Duckworth wrote:
> Hi
>
> I am running openldap-servers-2.4.40-16.el6.x86_64 cluster on Centos 6.9.  My
> /var/lib/ldap directory contains many 10MB log files.  /var partition rather
> small...
>
> I've read they can be removed either by running "sudo db_archive -d -h
> /var/lib/ldap/domain" or by defining "DB_LOG_AUTOREMOVE" within the file
> "DB_CONFIG."  That file does not presently exist whereas the db_archive
> command does not actually remove any of the log files.

If the db_archive command doesn't remove anything, that means it thinks all of
the log files are still in active use.

Read the docs more carefully.
https://urldefense.proofpoint.com/v2/url?u=http-3A__docs.oracle.com_cd_E17076-5F05_html_programmer-5Freference_transapp-5Flogfile.html&d=DwICaQ&c=lb62iw4YL4RFalcE2hQUQealT9-RXrryqt9KZX2qu2s&r=2Fzhh_78OGspKQpl_e-CbhH6xUjnRkaqPFUS2wTJ2cw&m=WP95x8mwSiEHHqUWRqJv6WdpfcTtJDAUAKN756yEEDA&s=Kfi27b4v7vABZjPQYMkeo4xBqUyDGZeyB8pHAFin8xY&e=

>
> Can I remove the old log files manually using rm?

Not if the above is true, you will corrupt the logs and the DB will fail to
open on a subsequent restart.

> If not should I create
> /var/lib/ldap/DB_CONFIG then restart slapd to make this removal automatic?

> Do you have any idea why db_archive does not work or produce any helpful error
> to stdout?

There's no error message because there's no error, everything is working as
designed.

You need to do periodic checkpoints to allow log files to be closed, and then
db_archive will be able to remove some of them.

--
   -- Howard Chu
   CTO, Symas Corp.           https://urldefense.proofpoint.com/v2/url?u=http-3A__www.symas.com&d=DwICaQ&c=lb62iw4YL4RFalcE2hQUQealT9-RXrryqt9KZX2qu2s&r=2Fzhh_78OGspKQpl_e-CbhH6xUjnRkaqPFUS2wTJ2cw&m=WP95x8mwSiEHHqUWRqJv6WdpfcTtJDAUAKN756yEEDA&s=IT7tNF72SCugdO8WpRd-oNsk4nPNpdjE2aUFL4R4X_M&e=
   Director, Highland Sun     https://urldefense.proofpoint.com/v2/url?u=http-3A__highlandsun.com_hyc_&d=DwICaQ&c=lb62iw4YL4RFalcE2hQUQealT9-RXrryqt9KZX2qu2s&r=2Fzhh_78OGspKQpl_e-CbhH6xUjnRkaqPFUS2wTJ2cw&m=WP95x8mwSiEHHqUWRqJv6WdpfcTtJDAUAKN756yEEDA&s=XqfYCnjG9ibPbeW05QZOlWdl9u0ZH-7IXkxx0gh238k&e=
   Chief Architect, OpenLDAP  https://urldefense.proofpoint.com/v2/url?u=http-3A__www.openldap.org_project_&d=DwICaQ&c=lb62iw4YL4RFalcE2hQUQealT9-RXrryqt9KZX2qu2s&r=2Fzhh_78OGspKQpl_e-CbhH6xUjnRkaqPFUS2wTJ2cw&m=WP95x8mwSiEHHqUWRqJv6WdpfcTtJDAUAKN756yEEDA&s=-tGdeTJRpeaRbljBBUq49XgfNWzVElqiGEgv0LeqspU&e=