[Pkg-openldap-devel] Bug#798964: Bug#798964: slapd: since security upgrade writing ber in accesslog is broken
Ryan Tandy
ryan at nardis.ca
Mon Sep 14 15:32:54 UTC 2015
Control: tag -1 moreinfo
Hi Benoit, thanks for reporting this.
On Mon, Sep 14, 2015 at 04:37:11PM +0200, Benoit Mortier wrote:
>Sep 14 16:28:25 agenor slapd[11359]: conn=1000 fd=25 ACCEPT from
>IP=172.20.51.10:51214 (IP=172.20.50.25:389)
>Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=0 BIND dn="cn=o3-
>synchro,ou=dsa,dc=master,dc=fdi" method=128
>Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=0 BIND dn="cn=o3-
>synchro,ou=dsa,dc=master,dc=fdi" mech=SIMPLE ssf=0
>Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=0 RESULT tag=97 err=0
>text=
>Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=1 SRCH
>base="cn=accesslog" scope=2 deref=0
>filter="(&(objectClass=auditWriteObject)(reqResult=0))"
>Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=1 SRCH attr=reqDN
>reqType reqMod reqNewRDN reqDeleteOldRDN reqNewSuperior entryCSN
>Sep 14 16:28:25 agenor slapd[11359]: send_search_entry: conn 1000 ber
>write failed.
>Sep 14 16:28:25 agenor slapd[11359]: conn=1000 fd=25 closed (connection
>lost on write)
I'm not seeing any such errors in a delta-syncrepl setup. Can you share
the relevant configs, and possibly the corresponding logs from the
consumer? It might be necessary to capture some logs at a higher debug
level (for example "stats sync trace") to figure out what's going on.
If you downgrade to the previous version of slapd, does the problem go
away?
thanks,
Ryan
More information about the Pkg-openldap-devel
mailing list