Bug 829272 - slapd fails to start on reboot
slapd fails to start on reboot
Product: Fedora
Classification: Fedora
Component: openldap (Show other bugs)
Unspecified Unspecified
unspecified Severity medium
: ---
: ---
Assigned To: Jan Vcelak
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2012-06-06 07:05 EDT by Anil Seth
Modified: 2013-03-03 20:30 EST (History)
11 users (show)

See Also:
Fixed In Version: openldap-2.4.31-3.fc17
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-07-17 13:21:33 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Anil Seth 2012-06-06 07:05:36 EDT
Description of problem:
slapd fails to start on boot. Times out.
However, manual restart works fine.

Version-Release number of selected component (if applicable):

How reproducible:
Every reboot

Steps to Reproduce:
1.Enable slapd
Actual results:

bash-4.2$ systemctl status slapd.service

slapd.service - OpenLDAP Server Daemon
          Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled)
          Active: failed (Result: timeout) since Wed, 06 Jun 2012 16:02:27 +0530; 5min ago
         Process: 1319 ExecStartPre=/usr/libexec/openldap/check-config.sh (code=killed, signal=TERM)
          CGroup: name=systemd:/system/slapd.service

Expected results:
bash-4.2$ systemctl status slapd.service
slapd.service - OpenLDAP Server Daemon
          Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled)
          Active: active (running) since Wed, 06 Jun 2012 16:07:52 +0530; 4s ago
         Process: 3382 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS (code=exited, status=0/SUCCESS)
         Process: 3346 ExecStartPre=/usr/libexec/openldap/check-config.sh (code=exited, status=0/SUCCESS)
        Main PID: 3383 (slapd)
          CGroup: name=systemd:/system/slapd.service
                  └ 3383 /usr/sbin/slapd -u ldap -h ldapi:/// ldap:/// ldaps:///

Additional info:
Manual start works fine.
bash-4.2$ sudo systemctl start slapd.service

System log shows:
Jun  6 16:02:27 amd systemd[1]: slapd.service operation timed out. Terminating.
Comment 1 Anil Seth 2012-06-06 07:36:29 EDT
Commenting check-config in /usr/lib/systemd/system/slapd.service makes the problem go away.


Should it be a problem once the configuration is done?
Comment 2 Michal Schmidt 2012-06-06 09:38:45 EDT
As a general rule, problems with specific services failing should be reported first against the services themselves. Reassigning to openldap.

This may be caused by slapd.service setting the service timeout very low:
Comment 3 Jan Vcelak 2012-06-06 09:52:10 EDT
3 seconds should be enough. But you can increase that value and try it. Is something logged in /var/log/messages? What about SELinux, have you checked /var/log/audit/audit.log for AVC denials?
Comment 4 Michal Schmidt 2012-06-06 12:31:35 EDT
What is the reason for setting such a low timeout? Most services are fine with the default timeout, which is 90 seconds. What makes slapd special in this regard?
Comment 5 Anil Seth 2012-06-07 00:37:09 EDT
Thanks very much. Increasing the timeout to 30 solved the issue.
In case it is related to the time shown by systemd-analyze blame: on my system it is:
  5084ms slapd.service

My apologies for filing the report against systemd.
Comment 6 Michal Schmidt 2012-06-07 03:29:37 EDT
I think the "TimeoutSec=3" setting originated from a misguided attempt to emulate the default behaviour of killproc from /etc/init.d/functions.
Bug 458679 even showed that it is not safe to kill slapd prematurely by SIGKILL, so setting a low timeout seems counter-productive. I recommend just using the default.
Comment 7 Jan Vcelak 2012-06-07 04:24:02 EDT
OK, we will stick with default. Not sure why we had it there anyway.
Comment 8 Jan Vcelak 2012-06-27 09:11:37 EDT
Resolved in openldap-2.4.31-3.fc17
Comment 9 Fedora Update System 2012-06-27 09:16:49 EDT
openldap-2.4.31-3.fc17 has been submitted as an update for Fedora 17.
Comment 10 Fedora Update System 2012-06-27 23:32:44 EDT
Package openldap-2.4.31-3.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing openldap-2.4.31-3.fc17'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
Comment 11 Fedora Update System 2012-07-17 13:21:33 EDT
openldap-2.4.31-3.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.