I know this is probably a "don't do that", but I was somewhat surprised by the outcome.
I was doing a: slapadd -S 1 -q -w -l ~/load_noCSN.ldif
... and wanted to see what was actually added to the database, so I ran slapcat - which immediately made bot apps crash.
=> bdb_last_id: get failed: DB_PAGE_NOTFOUND: Requested page not found (-30986)
(slapd 2.4.19, BDB4.8 using hdb)
/Peter
--On November 18, 2009 1:35:42 PM +0100 Peter Mogensen apm@mutex.dk wrote:
I know this is probably a "don't do that", but I was somewhat surprised by the outcome.
Don't do that. :) Remember, for example, that slapadd -q is doing a very minimal protected BDB environment which fully expects nothing else to be touching it. You can use db_stat commands to query the progress of the load.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
Quanah Gibson-Mount wrote:
--On November 18, 2009 1:35:42 PM +0100 Peter Mogensen apm@mutex.dk wrote:
I know this is probably a "don't do that", but I was somewhat surprised by the outcome.
Don't do that. :) Remember, for example, that slapadd -q is doing a very minimal protected BDB environment which fully expects nothing else to be touching it. You can use db_stat commands to query the progress of the load.
Yes... Knowing that I would have expected slapcat to fail/crash. But I wouldn't expect slapadd to crash to - being the first to open the BDB environment. If any slapadd can be crashed by any user/shell executing slapcat (with write perms to the dir), then it can be difficult to protect an long running (hours) slapadd from being crashed by accident.
/Peter
--On November 18, 2009 5:50:59 PM +0100 Peter Mogensen apm@mutex.dk wrote:
Yes... Knowing that I would have expected slapcat to fail/crash.
I think you're missing the point. *slapadd* with -q expects no other tools to be touching its environment. It makes perfect sense to me that it crashed.
But I wouldn't expect slapadd to crash to - being the first to open the BDB environment. If any slapadd can be crashed by any user/shell executing slapcat (with write perms to the dir), then it can be difficult to protect an long running (hours) slapadd from being crashed by accident.
I'd suggest then not allowing random users to slapcat your directory. And if you have processes that run slapcat, then set that up in a shell script with protections, like you touch a file called /etc/noslapcat and if that exists, then your process will exit without running slapcat.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org
-
Peter Mogensen -
Quanah Gibson-Mount