Hi to all,
I have a strange problem. If I install the following LDIFs in an multi provider environment, build directly on vritualBox VMs, everyting is fine:
--------Schema extension -------- dn: cn=stkaPosixExtension,cn=schema,cn=config objectClass: olcSchemaConfig cn: stkaPosixExtension olcObjectClasses: ( 1.3.6.1.4.1.56860.1.2.1 NAME 'stkaPosixGroup' DESC 'advanced PosixGroup for dynamic use' SUP top AUXILIARY MUST ( cn $ gidNumber ) MAY ( userPassword $ memberUid $ description ) ) olcObjectClasses: ( 1.3.6.1.4.1.56860.1.2.2 NAME 'stkaPosixAccount' DESC 'advanced PosixAccount for dynamic use' SUP posixAccount AUXILIARY MAY ( memberUID ) ) --------------------------------
---- Overlay autogroup ------------ dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleLoad: autogroup.la
dn: olcOverlay=autogroup,olcDatabase={2}mdb,cn=config changetype: add objectClass: olcAutoGroupConfig objectClass: olcOverlayConfig olcOverlay: autogroup olcAutoGroupAttrSet: groupOfURLs memberURL memberUID
----------------------------------- dn: cn=dynposix,ou=groups,dc=example,dc=net cn: dynposix objectClass: top objectClass: groupOfURLs objectClass: stkaPosixGroup gidNumber: 4242 memberURL: ldap:///dc=example,dc=net?memberUID?sub?(title=Linuxuser) --- dynamic group -------------
--- dynamic group user ------- dn: uid=dynuser,ou=users,dc=example,dc=net objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: stkaPosixAccount cn: John Doe sn: Dynamo title: Linuxuser uid: dynuser gidNumber: 1000 homeDirectory: /home/dynuser uidNumber: 12345 userPassword: {ARGON2}$argon2i$v=19$m=4096,t=3,p=1$ZHN2cnZ0... memberUid: dynuser
------------------------------
I can see the user, replication of cn0config is working, even if I add new changes.
No I want to do a setup with vagrant and Debian13. As soon as I try to add the overlay (the schema extension is working fine) the OpenLDAP i crashing wit the following message:
------------------------------ Dec 16 11:16:49 ldap02 slapd[3344]: syncprov_db_open: starting syncprov for suffix cn=config Dec 16 11:16:49 ldap02 slapd[3344]: conn=-1 op=0 syncprov_findcsn: mode=FIND_MAXCSN csn= Dec 16 11:16:49 ldap02 systemd[1]: symas-openldap-server.service: Main process exited, code=killed, status=11/SEGV Dec 16 11:16:49 ldap02 systemd[1]: symas-openldap-server.service: Failed with result 'signal'.
------------------------------
I have never seen this message before. Any hint where I can search for the problem?
Stefan
On Tue, Dec 16, 2025 at 02:44:37PM +0100, Stefan Kania wrote:
Hi to all,
I have a strange problem. If I install the following LDIFs in an multi provider environment, build directly on vritualBox VMs, everyting is fine: [...] I can see the user, replication of cn0config is working, even if I add new changes.
No I want to do a setup with vagrant and Debian13. As soon as I try to add the overlay (the schema extension is working fine) the OpenLDAP i crashing wit the following message:
Dec 16 11:16:49 ldap02 slapd[3344]: syncprov_db_open: starting syncprov for suffix cn=config Dec 16 11:16:49 ldap02 slapd[3344]: conn=-1 op=0 syncprov_findcsn: mode=FIND_MAXCSN csn= Dec 16 11:16:49 ldap02 systemd[1]: symas-openldap-server.service: Main process exited, code=killed, status=11/SEGV Dec 16 11:16:49 ldap02 systemd[1]: symas-openldap-server.service: Failed with result 'signal'.
I have never seen this message before. Any hint where I can search for the problem?
Hi Stefan, you probably want to gather the core and post the backtrace ("thread apply all bt full") to get an indication of what the issue might be.
A SEGV indicates a bug in slapd so if you have a simple way of reproducing this that we can use, feel free to file a bug with all the relevant information.
Thank you,
Hi Ondřej,
I could send you the backup of cn=config so you can setup your own environment to test it, but as I said, it only happened in a vagrant environment :-(
Am 16.12.25 um 15:23 schrieb Ondřej Kuzník:
On Tue, Dec 16, 2025 at 02:44:37PM +0100, Stefan Kania wrote:
Hi to all,
I have a strange problem. If I install the following LDIFs in an multi provider environment, build directly on vritualBox VMs, everyting is fine: [...] I can see the user, replication of cn0config is working, even if I add new changes.
No I want to do a setup with vagrant and Debian13. As soon as I try to add the overlay (the schema extension is working fine) the OpenLDAP i crashing wit the following message:
Dec 16 11:16:49 ldap02 slapd[3344]: syncprov_db_open: starting syncprov for suffix cn=config Dec 16 11:16:49 ldap02 slapd[3344]: conn=-1 op=0 syncprov_findcsn: mode=FIND_MAXCSN csn= Dec 16 11:16:49 ldap02 systemd[1]: symas-openldap-server.service: Main process exited, code=killed, status=11/SEGV Dec 16 11:16:49 ldap02 systemd[1]: symas-openldap-server.service: Failed with result 'signal'.
I have never seen this message before. Any hint where I can search for the problem?
Hi Stefan, you probably want to gather the core and post the backtrace ("thread apply all bt full") to get an indication of what the issue might be.
How do I get the full backtrace, so you will get all the information you need?
A SEGV indicates a bug in slapd so if you have a simple way of reproducing this that we can use, feel free to file a bug with all the relevant information.
That's easy it happens every time I do a "vagrant up " ;-)
Thank you,
Stefan
--On Tuesday, December 16, 2025 4:37 PM +0100 Stefan Kania stefan@kania-online.de wrote:
How do I get the full backtrace, so you will get all the information you need?
Assuming the build of slapd & related libraries are not stripped and/or have the symbol packages installed, I generally do:
gdb /path/to/slapd <pid>
Then inside gdb:
set pagination off set logging file gdb.output set logging on thread apply all backtrace full set logging off quit
Regards, Quanah
Thank you for your help Quanah and Ondřej,
I had a lot to do so my answer comes a little bit late :-(. Now I did a rewrite of the ldif-file (note copy and paste) that causes the problem and it's working now. I did a "diff" on both files, now difference :-(. But now it works and I can setup the dynamic posix-groups in my vagrant environment. Am 06.01.26 um 18:11 schrieb Quanah Gibson-Mount:
--On Tuesday, December 16, 2025 4:37 PM +0100 Stefan Kania stefan@kania-online.de wrote:
How do I get the full backtrace, so you will get all the information you need?
Assuming the build of slapd & related libraries are not stripped and/or have the symbol packages installed, I generally do:
I'm always using the symas packages ;-)
gdb /path/to/slapd <pid>
Then inside gdb:
set pagination off set logging file gdb.output set logging on thread apply all backtrace full set logging off quit
Regards, Quanah
This is a nice tip to test if there is a problem. Thank's for that.
Stefan
openldap-technical@openldap.org
-
Ondřej Kuzník -
Quanah Gibson-Mount -
Stefan Kania