Bug#1024057: slapd: service restart does not always restart slapd
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Mon Nov 14 08:12:08 GMT 2022
Package: slapd
Version: 2.4.57+dfsg-3+deb11u1
Severity: important
For slapd on Debian 10 and Debian 11, we sometimes observe service
restart failures.
We use a self-written script [1] to update Let's Encrypt certificates.
This script restarts services it knows after the SSL cert file has
been updated.
One of the services we restart is slapd. Over the past months we have
seen various restart failures for slapd (LDAP service has been down in
the morning after Let's Encrypt updates).
Our work-around [2] for now is stopping slapd, waiting for 1 sec and
then starting it again.
However, I sense that the systemd unit file might need the real fix for this.
Unfortunately, I don't have any Debian testing systems in the field
with a similar setup, but I assume that the fix is still present for
slapd in bookworm, unless the issue has been explicitly addressed
already.
Greets,
Mike
[1] https://gitlab.das-netzwerkteam.de/sunweaver/setup-letsencrypt/
[2]
https://gitlab.das-netzwerkteam.de/sunweaver/setup-letsencrypt/-/commit/d52ee5a3bff1f5beee49767dde7e9077e0a23234
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: Digitale PGP-Signatur
URL: <http://alioth-lists.debian.net/pipermail/pkg-openldap-devel/attachments/20221114/3b7b6d74/attachment.sig>
More information about the Pkg-openldap-devel
mailing list