[Pkg-openldap-devel] Bug#471253: slapd hangs and eats 100%cpu with syncrepl statements
Mathieu Parent
math.parent at gmail.com
Sun Mar 16 22:40:11 UTC 2008
Package: slapd
Version: 2.4.7-5
Severity: critical
--- Please enter the report below this line. ---
When using the following config file (reduced testcase or full),
and running a quick and dirty test(be carefull, it clean all slapd data) :
/etc/init.d/slapd stop
rm /var/lib/ldap/*
/usr/sbin/slapd -h ldap://127.0.0.1:389/ -f /etc/ldap/slapd.conf \
-u openldap -g openldap
cat <<EOF | ldapadd -D "cn=manager,cn=internal,dc=sathieu,dc=net" -w 12345 -x
dn: dc=sathieu,dc=net
dc: sathieu
objectClass: top
objectClass: domain
EOF
It hangs, and slapd eats 100% cpu. I have to do:
killall -KILL slapd
because ''killall slapd'' doesn't work.
I simply want this to resturn somehing:
ldapsearch -D "cn=manager,cn=internal,dc=sathieu,dc=net" \
-w 12345 -x -b "dc=sathieu,dc=net"
Can somebody reproduce this ? Can I provide more informations ?
Thanks
Mathieu Parent
NB: this file is for the future kolabd 2.2 package. We need syncrepl for lenny.
-------------- next part --------------
# (c) 2003 Tassilo Erlewein <tassilo.erlewein at erfrakon.de>
# (c) 2003-2007 Martin Konold <martin.konold at erfrakon.de>
# (c) 2003 Achim Frank <achim.frank at erfrakon.de>
# This program is Free Software under the GNU General Public License (>=v2).
# Read the file COPYING that comes with this packages for details.
# this file is automatically written by the Kolab config backend and should have the
# file mode 0640
modulepath /usr/lib/ldap
moduleload back_bdb
moduleload back_monitor
moduleload refint
moduleload unique
# manual additions are lost unless made to the template in the Kolab config directory
# the template is /etc/kolab/templates/slapd.conf.template
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
#include /etc/ldap/schema/rfc2739.schema
include /usr/share/kolabd/schema/kolab2.schema
#include /usr/share/kolabd/schema/horde.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
#schemacheck doesn't exists in debian's slapd 2.4
#schemacheck on
#TLSCertificateFile /etc/kolab/cert.pem
#TLSCertificateKeyFile /etc/kolab/key.pem
rootDSE /etc/kolab/rootDSE.ldif
defaultsearchbase "dc=sathieu,dc=net"
#require none
allow bind_v2
loglevel 0
database bdb
suffix "dc=sathieu,dc=net"
cachesize 10000
checkpoint 512 5
idlcachesize 10000
idletimeout 300
# The value can be increased if some clients develop
# problems. Please report to kolab-devel at kolab.org
# if you encounter such a client.
dirtyread
directory /var/lib/ldap
rootdn "cn=manager,cn=internal,dc=sathieu,dc=net"
rootpw "12345"
replica uri=ldap://127.0.0.1:9999
binddn="cn=replicator"
bindmethod=simple
credentials=secret
#### Provide the modern syncprov/syncrepl method of ldap replication
# This database is a synchronisation provider
# Note that a database can be both a consumer and a provider
moduleload syncprov
overlay syncprov
# Guarantee that contextCSN gets written.
syncprov-checkpoint 1024 16
# Save a log of last write operations
syncprov-sessionlog 4096
# Support delta-based syncrepl
syncprov-reloadhint TRUE
# Put an index on attributes used for synchronisation
# Note that these indexes are used locally both for server and client
# during synchronisation.
index entryCSN eq
index entryUUID eq
#### Using overlays to improve data consistency
# Ensure that we never get dangling member attributes
# Checked on rename and delete
overlay refint
refint_attributes member
# The mail and the uid attribute must be unique.
overlay unique
unique_attributes mail uid
index objectClass pres,eq
index uid approx,sub,pres,eq
index mail approx,sub,pres,eq
index alias approx,sub,pres,eq
index cn approx,sub,pres,eq
index sn approx,sub,pres,eq
index givenName approx,sub,pres,eq
index kolabDelegate approx,sub,pres,eq
index kolabHomeServer pres,eq
index kolabDeleteflag pres,eq
index member pres,eq
##include /etc/ldap/slapd.access
access to dn="dc=sathieu,dc=net" attrs=children
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=domain-maintainer,cn=internal,dc=sathieu,dc=net" write
access to dn="cn=internal,dc=sathieu,dc=net" attrs=children
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=domain-maintainer,cn=internal,dc=sathieu,dc=net" write
access to attrs=userPassword
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" =wx
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" =wx
by self =wx
by anonymous =x
by * none stop
access to attrs=mail
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by * read stop
access to attrs=alias
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by * read stop
access to attrs=uid
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by * read stop
access to attrs=cyrus-userquota
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by self read stop
access to attrs=kolabHomeServer
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by * read stop
access to attrs=kolabHomeMTA
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by * read stop
access to attrs=kolabAllowSMTPRecipient
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by self read stop
access to dn="cn=nobody,dc=sathieu,dc=net"
by anonymous auth stop
access to dn="cn=manager,cn=internal,dc=sathieu,dc=net"
by dn="cn=nobody,cn=internal,dc=sathieu,dc=net" read
by self write
by anonymous auth stop
access to dn="cn=admin,cn=internal,dc=sathieu,dc=net"
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by dn="cn=nobody,cn=internal,dc=sathieu,dc=net" read
by self write
by anonymous auth stop
access to dn="cn=maintainer,cn=internal,dc=sathieu,dc=net"
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" read
by dn="cn=nobody,cn=internal,dc=sathieu,dc=net" read
by self write
by anonymous auth stop
access to dn.regex="(.*,)?cn=internal,dc=sathieu,dc=net"
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by self write
by dn="cn=nobody,cn=internal,dc=sathieu,dc=net" read
by anonymous auth stop
access to dn.regex="(.*,)?cn=external,dc=sathieu,dc=net"
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by * read stop
access to dn="cn=external,dc=sathieu,dc=net"
by dn="cn=nobody,cn=internal,dc=sathieu,dc=net" read
by * search stop
access to dn="cn=internal,dc=sathieu,dc=net"
by dn="cn=nobody,cn=internal,dc=sathieu,dc=net" read
by * search stop
access to dn="k=kolab,dc=sathieu,dc=net"
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" read
by group/kolabGroupOfNames="cn=domain-maintainer,cn=internal,dc=sathieu,dc=net" read
by dn="cn=nobody,cn=internal,dc=sathieu,dc=net" read
by * none stop
access to *
by self write
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=sathieu,dc=net" write
by * read stop
##include /etc/ldap/slapd.replicas
database monitor
access to *
by group/kolabGroupOfNames="cn=admin,cn=internal,dc=sathieu,dc=net" write
by * none stop
-------------- next part --------------
modulepath /usr/lib/ldap
moduleload back_bdb
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
defaultsearchbase "dc=sathieu,dc=net"
loglevel 0
database bdb
suffix "dc=sathieu,dc=net"
directory /var/lib/ldap
rootdn "cn=manager,cn=internal,dc=sathieu,dc=net"
rootpw "12345"
#### Provide the modern syncprov/syncrepl method of ldap replication
# This database is a synchronisation provider
# Note that a database can be both a consumer and a provider
moduleload syncprov
overlay syncprov
# Guarantee that contextCSN gets written.
syncprov-checkpoint 1024 16
# Save a log of last write operations
syncprov-sessionlog 4096
# Support delta-based syncrepl
syncprov-reloadhint TRUE
# Put an index on attributes used for synchronisation
# Note that these indexes are used locally both for server and client
# during synchronisation.
index entryCSN eq
index entryUUID eq
More information about the Pkg-openldap-devel
mailing list