On both masters, I get exactly the same result (command ran as root of course):
ls -lZd /etc/openldap/slapd.d /etc/openldap/slapd.d/cn=config.ldif
drwx------. ldap ldap system_u:object_r:slapd_db_t:s0 /etc/openldap/slapd.d
-rw-------. ldap ldap unconfined_u:object_r:etc_t:s0 /etc/openldap/slapd.d/cn=config.ldif
getfacl /etc/openldap/slapd.d /etc/openldap/slapd.d/cn=config.ldif
getfacl: Removing leading '/' from absolute path names
# file: etc/openldap/slapd.d
# owner: ldap
# group: ldap
user::rwx
group::---
other::---
# file: etc/openldap/slapd.d/cn=config.ldif
# owner: ldap
# group: ldap
user::rw-
group::---
other::---
Maybe the problem would also appear on the 1st master if I had tried to configure it after the second one.
I mean the problem may not be due to a specific machine but rather to the configuration order ..
2012/5/10 Brandon Hume
<hume-ol@bofh.ca>
On 10/05/2012 2:21 PM, Cyril Grosjean wrote:
May 10 19:12:40 sashimi slapd[24866]: ldif_write_entry: cannot create file for "olcDatabase={0}config,cn=config": Permission denied
To add to Quanah's reply, it'd be interesting to see the results of an strace of the slapd process. Using the above as an example, you could try (as root):
strace -vv -s 1500 -e trace=file -f -o /tmp/slapd.strace -p 24866
Try to modify the config (olcLogLevel on cn=config, for example) and then ^C strace, and then grep for cn=config.ldif. I suspect you might find some EACCES or EPERM errors on the open() calls for that file.
--
Cyril Grosjean
Tél : 0489 829 238
Fax : 0955 260 370
Mob : 0685 599 481