Bug 440693 - slapd when running as a syncrepl consumer uses the search timout from ldap.conf over the one from the syncrepl statement in slapd.conf
Summary: slapd when running as a syncrepl consumer uses the search timout from ldap.co...
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: openldap   
(Show other bugs)
Version: 5.3
Hardware: i686 Linux
Target Milestone: rc
: ---
Assignee: Jan Safranek
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2008-04-04 14:45 UTC by Linus van Geuns
Modified: 2010-07-16 15:09 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-01-20 20:53:43 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
patch for openldap 2.3.27 (990 bytes, patch)
2008-04-09 13:43 UTC, Jan Safranek
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2009:0090 normal SHIPPED_LIVE openldap bug fix and enhancement update 2009-01-20 16:04:26 UTC

Description Linus van Geuns 2008-04-04 14:45:12 UTC
Description of problem:
When slapd is configured to be a syncrepl consumer and the 'timelimit' ist
explicitly set to '=unlimited' in the syncrepl statement in addition to a
different timelimit statement in the ldap.conf, slapd uses the timeout from

This is a bug, because the timelimit setting in the syncrepl statement should
overwrite any 'client default setting' in ldap.conf. And it's very hard to
debug, too.. ;-)

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. configure a syncrepl provider with a huge amount of eentries (at least 1000)
and 'loglevel sync stats'
2. configure a syncrepl consumer for the provider with an empty database
3. set 'timelimit=unlimited' in the syncrepl statement of your consumer
4. set a very low timelimit in your ldap.conf on the consumer host - for example
'timelimit 2' (2 seconds) - so it will be exceeded by the consumers search operation
5. start a tail -f on the provider slapds log file
6. you will see that the search operation of the consumer will be stoped
prematurely with 'err=3' (timelimit exceeded).
Actual results:
syncrepl consumer replicates only some of the providers entries

Expected results:
a complete replication of the providers entries to the consumer

Additional info:

Comment 1 Jan Safranek 2008-04-09 13:43:16 UTC
Created attachment 301804 [details]
patch for openldap 2.3.27

The upstream one does not apply clearly, I'm attaching patch for
openldap-2.3.27 to have it when the time comes.

Comment 2 RHEL Product and Program Management 2008-06-02 20:10:06 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update

Comment 7 errata-xmlrpc 2009-01-20 20:53:43 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.