Hide Forgot
Description of problem: Updating for RHEL6.0 to RHEL6.1 including openldap-servers package using yum causes slapd to fail. This happens when slapd.conf is used instead of slapd.d/cn=config.ldif as configuration file. Version-Release number of selected component (if applicable): Version of Openldap provided in RHEL6.0 openldap-2.4.19-15.el6_0.2.x86_64 openldap-clients-2.4.19-15.el6_0.2.x86_64 openldap-servers-2.4.19-15.el6_0.2.x86_64 Version of openldap provided in RHEL6.1 openldap-clients-2.4.23-15.el6.x86_64 openldap-2.4.23-15.el6.x86_64 openldap-servers-2.4.23-15.el6.x86_64 How reproducible: 1. Install RHEL6.0 , Configure slapd to use slapd.conf instead of /etc/openldap/slapd.d/cn=config.ldif 2. Edit /etc/sysconfig/ldap and specify the slapd_options SLAPD_OPTIONS="-f /etc/openldap/slapd.conf.bak" 3. Start slapd 4. Import some data 5. Do an yum update $yum update openldap-servers 6.service slapd status slapd dead but pid file exists Start the slapd service service slapd start ln: creating hard link `/var/run/slapd.pid': File exists [ OK ] [root@vm112 openldap]# service slapd status slapd dead but pid file exists [root@vm112 openldap]# Actual results: slapd fails after upgrade Expected results: slapd should not fail. Additional info: Attaching the output of the command # slapd -u ldap -g ldap -f /etc/openldap/slapd.conf -d1
Created attachment 500802 [details] slapd log when started with -f /etc/openldap/slapd.conf.bak and with -d1
To restore the database. Recovering from the above 1. Edit /etc/sysconfig/ldap and comment the line SLAPD_OPTIONS="-f /etc/openldap/slapd.conf.bak" 2. Yum update creates a backup directory, move the backup directory to /tmp $mv /var/lib/ldap/backup-xxxx /tmp/backup 3. Stop the slapd service if running service slapd stop 4. Recreate the ldap database, make sure DB_CONFIG file is also copied to a different location $cp /var/lib/ldap/DB_CONFIG /tmp rm -rf /var/lib/ldap/* 5. Copy the DB_CONFIG file back to /var/lib/ldap $cp /tmp/DB_CONFIG /var/lib/ldap $chown ldap.ldap /var/lib/ldap/DB_CONFIG 6.Start and stop the slapd service to create new bdb files in /var/lib/ldap $service slapd start $service slapd stop 7. Restore from backup slapadd -f /etc/openldap/slapd.conf.bak -l /tmp/backup/backup.ldif 8. Change the ownership of the files in /var/lib/ldap to user and group ldap $chown ldap.ldap /var/lib/ldap/* 7. Start the slapd service $service slapd start
(In reply to comment #0) > 2. Edit /etc/sysconfig/ldap and specify the slapd_options > SLAPD_OPTIONS="-f /etc/openldap/slapd.conf.bak" This is the cause of the problem. As the custom name of configuration file is set using SLAPD_OPTIONS, correct configuration file is not detected during the package upgrade. This setting also bypasses configuration file verification in slapd initscript. It is impossible to write upgrade scripts so that every unusual configuration can be detected. This report is the case. I don't consider this report to be a bug. Red Hat Enterprise Linux Deployment Guide suggests using /etc/openldap/slapd.d. The old configuration file slapd.conf should be used only if backends, which doesn't support runtime configuration, are needed. In both cases, the database is upgraded during package upgrade.