Date: Wed, 23 Sep 2009 15:56:02 +0700 (ICT) From: Olivier Nicole <Olivier.Nicole@cs.ait.ac.th> To: ohartman@zedat.fu-berlin.de Cc: freebsd-current@freebsd.org, freebsd-questions@freebsd.org Subject: Re: LDAP server gone -> impossible to login locally! Message-ID: <200909230856.n8N8u2hp062395@banyan.cs.ait.ac.th> In-Reply-To: <4AB9DDD8.2020700@zedat.fu-berlin.de> (ohartman@zedat.fu-berlin.de) References: <4AB8BAA9.1060100@zedat.fu-berlin.de> <200909222248.16475.doconnor@gsoft.com.au> <4AB93614.2080106@locolomo.org> <200909231104.39234.doconnor@gsoft.com.au> <4AB9DDD8.2020700@zedat.fu-berlin.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> > On a related note, why is slapd so damn fragile? It's a righteous pain > > in the bum the way you have to run db_recover-X.Y /var/db/openldap-data > > if slapd fails to start. > Yes, this is a lot of pain. I have had issues the same way and never > figured out what the reason was. /var/ is very often corrupted after a > crash, power failure or unclean reboot. Maybe not slpad is that fragile, > but db47 is. Last June, we had to shutdown our openldap server every night, I noticed that a simple halt(8) would leave the bdb backend database in a corrupted state. It worked well if I /usr/local/etc/rc.d/slapd stop and sync(8) a couple of type before I halt(8). After that I wrote a small script that would take a backup of the ldap data every 2 hours and keep 5 days of backup. It seems that Berkeley DB has a lot of options that need to be configured to be working optimally with openldap. Maybe soft-update should be desactivated from the filesystem where the db files reside. Bests, Olivier
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200909230856.n8N8u2hp062395>