From owner-freebsd-stable@FreeBSD.ORG Mon Jul 10 15:15:49 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2516216A4DA for ; Mon, 10 Jul 2006 15:15:49 +0000 (UTC) (envelope-from maenaka@pluto.dti.ne.jp) Received: from smtp11.dti.ne.jp (smtp11.dti.ne.jp [202.216.231.186]) by mx1.FreeBSD.org (Postfix) with ESMTP id A189B43D49 for ; Mon, 10 Jul 2006 15:15:48 +0000 (GMT) (envelope-from maenaka@pluto.dti.ne.jp) Received: from towerrecords.minidns.net (221x254x158x92.ap221.ftth.ucom.ne.jp [221.254.158.92]) by smtp11.dti.ne.jp (3.11s) with ESMTP AUTH id k6AFFlDD014793 for ; Tue, 11 Jul 2006 00:15:47 +0900 (JST) Received: from [127.0.0.1] (towerrecords.minidns.net [192.168.0.1]) by towerrecords.minidns.net (Postfix) with ESMTP id CC8714849 for ; Tue, 11 Jul 2006 00:15:46 +0900 (JST) From: "UEMURA (fka. MAENAKA) Tetsuya" To: freebsd-stable@freebsd.org In-Reply-To: <86fyh9tws4.fsf@srvbsdnanssv.interne.kisoft-services.com> References: <200607101600.56911.dzalewski@open-craft.com> <86fyh9tws4.fsf@srvbsdnanssv.interne.kisoft-services.com> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Becky! ver. 2.24.02 [ja] Message-Id: <20060710151546.CC8714849@towerrecords.minidns.net> Date: Tue, 11 Jul 2006 00:15:46 +0900 (JST) Subject: Re: slapd - slow starting X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Jul 2006 15:15:49 -0000 Posted on Mon, 10 Jul 2006 15:27:39 +0200 by author Eric Masson > Chicken & Egg problem, the system queries the ldap backend to get > informations about the account it will use to start the ldap backend. Indeed. So that by adding `bind_policy soft' to nss_ldap.conf to force nss to quit querying immediately if LDAP server isn't ready. Note that by default, LDAP server tries to resolv user:ldap and group:ldap, and of course both must be resolvable without LDAP server itself, add user:ldap and group:ldap to /etc files. Anyway, my nss_ldap.conf has only the follwing 4 lines, FYI. maenaka@~> grep -vE '^#|^$' < /usr/local/etc/nss_ldap.conf base dc=ldapserver uri ldapi://%2fvar%2frun%2fopenldap%2fldapi/ bind_timelimit 5 bind_policy soft maenaka@~> ls -laR /var/run/openldap/ total 8 drwxrwxr-x 2 root ldap 512 Jul 9 00:13 . drwxr-xr-x 8 root wheel 1024 Jul 11 00:14 .. srwxrwxrwx 1 root ldap 0 Jul 9 00:13 ldapi -rw-r--r-- 1 ldap ldap 94 Jul 9 00:13 slapd.args -rw-r--r-- 1 ldap ldap 6 Jul 9 00:13 slapd.pid -- UEMURA (fka. MAENAKA) Tetsuya