[Pkg-openldap-devel] Bug#416272: Bug#416272: Bug#416272: slapd -distributional script not working

Mgr. Peter Tuharsky tuharsky at misbb.sk
Mon Jul 30 11:06:14 UTC 2007 

I ran the slapd botw ways suggested by the error.

Here are the logs:

First (shorter one):
Jul 30 05:40:04 ldap1 slapd[12723]: @(#) $OpenLDAP: slapd 2.3.30 (Dec 12 
2006 22:14:39) $ 
^Iroot at monster:/tmp/buildd/openldap2.3-2.3.30/debian/build/servers/slapd
Jul 30 05:40:06 ldap1 slapd[12723]: main: TLS init def ctx failed: -1
Jul 30 05:40:06 ldap1 slapd[12723]: slapd stopped.
Jul 30 05:40:06 ldap1 slapd[12723]: connections_destroy: nothing to 
destroy.




Second (longer one):
Jul 30 05:38:00 ldap1 slapd[12700]: @(#) $OpenLDAP: slapd 2.3.30 (Dec 12 
2006 22:14:39) $ 
^Iroot at monster:/tmp/buildd/openldap2.3-2.3.30/debian/build/servers/slapd
Jul 30 05:38:00 ldap1 slapd[12700]: slapd starting
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 fd=11 ACCEPT from 
IP=10.2.2.2:39150 (IP=0.0.0.0:389)
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=0 STARTTLS
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=0 RESULT oid= err=0 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 fd=11 TLS established 
tls_ssf=128 ssf=128
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=1 BIND 
dn="cn=manager,dc=misbb,dc=sk" method=128
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=1 BIND 
dn="cn=Manager,dc=misbb,dc=sk" mech=SIMPLE ssf=0
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=1 RESULT tag=97 err=0 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=2 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=2 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=2 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=3 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=3 SRCH attr=uid 
userPassword shadowLastChange shadowMax shadowMin shadowWarning 
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=3 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=4 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=4 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=4 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=5 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=5 SRCH attr=uid 
userPassword shadowLastChange shadowMax shadowMin shadowWarning 
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=5 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=6 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=6 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=6 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=7 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=7 SRCH attr=uid 
userPassword shadowLastChange shadowMax shadowMin shadowWarning 
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=7 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=8 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=8 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=8 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=9 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=9 SRCH attr=uid 
userPassword shadowLastChange shadowMax shadowMin shadowWarning 
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:00 ldap1 slapd[12700]: conn=0 op=9 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 fd=14 ACCEPT from 
IP=10.2.2.2:39152 (IP=0.0.0.0:389)
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=0 STARTTLS
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=0 RESULT oid= err=0 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 fd=14 TLS established 
tls_ssf=128 ssf=128
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=1 BIND 
dn="cn=manager,dc=misbb,dc=sk" method=128
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=1 BIND 
dn="cn=Manager,dc=misbb,dc=sk" mech=SIMPLE ssf=0
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=1 RESULT tag=97 err=0 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=2 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=2 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=2 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=3 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=3 SRCH attr=uid 
userPassword shadowLastChange shadowMax shadowMin shadowWarning 
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=3 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=4 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=4 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=4 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=5 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=5 SRCH attr=uid 
userPassword shadowLastChange shadowMax shadowMin shadowWarning 
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=5 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=6 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=6 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=6 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=7 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=7 SRCH attr=uid 
userPassword shadowLastChange shadowMax shadowMin shadowWarning 
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=7 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=8 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=8 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=8 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=9 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=shadowAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=9 SRCH attr=uid 
userPassword shadowLastChange shadowMax shadowMin shadowWarning 
shadowInactive shadowExpire shadowFlag
Jul 30 05:38:05 ldap1 slapd[12700]: conn=1 op=9 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 fd=15 ACCEPT from 
IP=10.2.2.2:39153 (IP=0.0.0.0:389)
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=0 STARTTLS
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=0 RESULT oid= err=0 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 fd=15 TLS established 
tls_ssf=128 ssf=128
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=1 BIND 
dn="cn=manager,dc=misbb,dc=sk" method=128
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=1 BIND 
dn="cn=Manager,dc=misbb,dc=sk" mech=SIMPLE ssf=0
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=1 RESULT tag=97 err=0 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=2 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=2 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=2 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=3 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=lorencova))"
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=3 SEARCH RESULT tag=101 
err=0 nentries=1 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=4 SRCH 
base="ou=Group,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixGroup)(|(memberUid=lorencova)(uniqueMember=uid=lorencova,ou=people,dc=misbb,dc=sk)))" 

Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=4 SRCH attr=gidNumber
Jul 30 05:38:05 ldap1 slapd[12700]: <= bdb_equality_candidates: 
(memberUid) index_param failed (18)
Jul 30 05:38:05 ldap1 slapd[12700]: <= bdb_equality_candidates: 
(uniqueMember) index_param failed (18)
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=4 SEARCH RESULT tag=101 
err=0 nentries=2 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=5 SRCH 
base="ou=Group,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixGroup)(uniqueMember=cn=domainusers,ou=group,dc=misbb,dc=sk))" 

Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=5 SRCH attr=gidNumber
Jul 30 05:38:05 ldap1 slapd[12700]: <= bdb_equality_candidates: 
(uniqueMember) index_param failed (18)
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 op=5 SEARCH RESULT tag=101 
err=0 nentries=0 text=
Jul 30 05:38:05 ldap1 slapd[12700]: conn=2 fd=15 closed (connection lost)
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 fd=15 ACCEPT from 
IP=127.0.0.1:48682 (IP=0.0.0.0:389)
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 op=0 BIND 
dn="cn=manager,dc=misbb,dc=sk" method=128
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 op=0 BIND 
dn="cn=Manager,dc=misbb,dc=sk" mech=SIMPLE ssf=0
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 op=0 RESULT tag=97 err=0 text=
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 op=1 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 filter="(uid=root)"
Jul 30 05:38:22 ldap1 slapd[12700]: conn=3 op=1 SEARCH RESULT tag=101 
err=0 nentries=0 text=
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 fd=16 ACCEPT from 
IP=127.0.0.1:48683 (IP=0.0.0.0:389)
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=0 BIND 
dn="cn=manager,dc=misbb,dc=sk" method=128
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=0 BIND 
dn="cn=Manager,dc=misbb,dc=sk" mech=SIMPLE ssf=0
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=0 RESULT tag=97 err=0 text=
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=1 SRCH 
base="ou=People,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixAccount)(uid=root))"
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=1 SEARCH RESULT tag=101 
err=0 nentries=0 text=
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=2 SRCH 
base="ou=Group,dc=misbb,dc=sk" scope=1 deref=0 
filter="(&(objectClass=posixGroup)(memberUid=root))"
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=2 SRCH attr=gidNumber
Jul 30 05:38:22 ldap1 slapd[12700]: <= bdb_equality_candidates: 
(memberUid) index_param failed (18)
Jul 30 05:38:22 ldap1 slapd[12700]: conn=4 op=2 SEARCH RESULT tag=101 
err=0 nentries=0 text=
Jul 30 05:38:35 ldap1 slapd[12700]: daemon: shutdown requested and 
initiated.
Jul 30 05:38:35 ldap1 slapd[12700]: conn=0 fd=11 closed (slapd shutdown)
Jul 30 05:38:35 ldap1 slapd[12700]: conn=1 fd=14 closed (slapd shutdown)
Jul 30 05:38:35 ldap1 slapd[12700]: conn=3 fd=15 closed (slapd shutdown)
Jul 30 05:38:35 ldap1 slapd[12700]: conn=4 fd=16 closed (slapd shutdown)
Jul 30 05:38:35 ldap1 slapd[12700]: slapd shutdown: waiting for 0 
threads to terminate
Jul 30 05:38:35 ldap1 slapd[12700]: slapd stopped.



 From the first log seems like TLS error somehow.
I'll examine the certificate file permissions and let You know.

Peter



Quanah Gibson-Mount  wrote / napísal(a):
> --On Tuesday, June 26, 2007 11:27 PM -0700 Russ Allbery <rra at debian.org> 
> wrote:
> 
>> retitle 416272 slapd: error "main: TLS init def ctx failed: -1" on start
>> tags 416272 -unreproducible
>> thanks
>>
>> Mgr Peter Tuharsky <tuharsky at misbb.sk> writes:
>>
>>> Hi,
>>
>>> I tested the script again with NO success.
>>> slapd version: 2.3.30-2
>>
>>> I set the ownership of /var/lib/ldap files to openldap.openldap, start
>>> (as root) using
>>> cd /etc/init.d
>>> ./slapd start
>>
>>> however the distributional script just displays error and dosen't start
>>> the slapd at all:
>>
>>> Starting OpenLDAP: slapd - failed.
>>> The operation failed but no output was produced. For hints on what went
>>> wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
>>> try running the daemon in Debug mode like via "slapd -d 16383" (warning:
>>> this will create copious output).
>>
>> Sounds like the init script is working just fine; your server either 
>> has a
>> configuration problem or something else is preventing TLS initialization
>> from succeeding.
> 
> The error here indicates user error in configuring TLS in slapd.conf, 
> and is not indicative of an error in the script.  Generally, check that 
> all paths to the certs referenced are correct, and that the slapd user 
> has permissions to read them.
> 
> --Quanah
> 
> -- 
> Quanah Gibson-Mount
> Principal Software Engineer
> Zimbra, Inc
> --------------------
> Zimbra ::  the leader in open source messaging and collaboration


-- 
Odchádzajúca správa neobsahuje vírusy, nepoužívam Windows.
=======================

Mgr. Peter Tuhársky
Referát informatiky
Mesto Banská Bystrica
ČSA 26
975 39 Banská Bystrica

Tel: +421 48 4330 118
Fax: +421 48 411 3575

=======================

More information about the Pkg-openldap-devel mailing list