LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-29-2011, 12:38 PM   #31
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,516

Rep: Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501

You need to populate your directory. See this for an explanation
While slapd is not running use slapadd to add the ldif containing the base dn(s)
 
Old 12-29-2011, 02:15 PM   #32
fwellers
Member
 
Registered: Dec 2011
Posts: 32

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
You need to populate your directory. See this for an explanation
While slapd is not running use slapadd to add the ldif containing the base dn(s)
Ok,
So I put an ldif file in the current directory ( same directory where the slapd.conf is ), and I ran this:

./slapadd -l /usr/openldap-2.4.28/servers/slapd/s18.ldif -f slapd.conf -d -1

I get the same basic error, which is this:
4efcbbf3 slapadd startup: initiated.
4efcbbf3 backend_startup_one: starting "o=meteorregistry.com"
4efcbbf3 bdb_db_open: "o=meteorregistry.com"
4efcbbf3 bdb_db_open: database "o=meteorregistry.com": dbenv_open(/usr/openldap-2.4.28/servers/slapd/openldap-data).
4efcbbf3 bdb_db_open: database "o=meteorregistry.com": db_open(/usr/openldap-2.4.28/servers/slapd/openldap-data/id2entry.bdb) failed: No such file or directory (2).
4efcbbf3 ====> bdb_cache_release_all
4efcbbf3 backend_startup_one (type=bdb, suffix="o=meteorregistry.com"): bi_db_open failed! (2)
slap_startup failed


Thanks !!
Floyd
 
Old 12-29-2011, 03:05 PM   #33
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,516

Rep: Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501
What's in s18.ldif? If there are some sensitive data, you may mask it.

Since you're migrating from another ldap server, you should export the correct ldif from it, and import the same in openldap with slapadd. You can delete everything (except DB_CONFIG) from /usr/openldap-2.4.28/servers/slapd/openldap-data before running slapadd again
I guess it's not a permissions problem, as slapd can write in /usr/openldap-2.4.28/servers/slapd/openldap-data its logs and transaction data, but anyway check the permissions of that directory. Also, I don't know if oracle linux uses selinux, so check if that's the case.
 
Old 12-30-2011, 06:58 AM   #34
fwellers
Member
 
Registered: Dec 2011
Posts: 32

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
What's in s18.ldif? If there are some sensitive data, you may mask it.

Since you're migrating from another ldap server, you should export the correct ldif from it, and import the same in openldap with slapadd. You can delete everything (except DB_CONFIG) from /usr/openldap-2.4.28/servers/slapd/openldap-data before running slapadd again
I guess it's not a permissions problem, as slapd can write in /usr/openldap-2.4.28/servers/slapd/openldap-data its logs and transaction data, but anyway check the permissions of that directory. Also, I don't know if oracle linux uses selinux, so check if that's the case.
Thank you.
I deleted all the files in the openldap-data directory except the logs directory and the DB_CONFIG. ( done this before too )
I ran this:
slapadd -b "o=meteorregistry.com" -v -l s18.ldif

I got back the same.
[root@prod-meteor1v4 slapd]# ./slapadd -b "o=meteorregistry.com" -v -l s18.ldif
4efda633 bdb_db_open: database "o=meteorregistry.com": db_open(/usr/openldap-2.4.28/servers/slapd/openldap-data/id2entry.bdb) failed: No such file or directory (2).
4efda633 backend_startup_one (type=bdb, suffix="o=meteorregistry.com"): bi_db_open failed! (2)
slap_startup failed

Our ldif file is really open to all so it's ok. I just took the liberty of snipping out the encrypted ssl certs in there, and I cut out a lot of the file because it's just more of the same. It's attached.

Permissions aren't a problem because right now everything is done by root.

Thank you !
Floyd
Attached Files
File Type: txt ldif.example.txt (44.8 KB, 13 views)
 
Old 12-30-2011, 08:19 AM   #35
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,516

Rep: Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501
Quote:
Permissions aren't a problem because right now everything is done by root.
Did you check if it's selinux? If selinux is enabled, a process cannot write in some directories even if run as root, if there is no such permission by selinux
FYI I've tried your ldif and the 1st dn was imported successfully. The rest was rejected because of invalid dn
 
Old 12-30-2011, 08:24 AM   #36
fwellers
Member
 
Registered: Dec 2011
Posts: 32

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
Did you check if it's selinux? If selinux is enabled, a process cannot write in some directories even if run as root, if there is no such permission by selinux
FYI I've tried your ldif and the 1st dn was imported successfully. The rest was rejected because of invalid dn
I don't know what selinux is or how to check for it. We have Oracle's version of Red Hat unbreakable linux. Is there something I can check ?

I would imagine that maybe the reason the ldif doesn't work for you is because you need the special schema ?
 
Old 12-30-2011, 08:39 AM   #37
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,516

Rep: Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501
Quote:
I don't know what selinux is or how to check for it. We have Oracle's version of Red Hat unbreakable linux. Is there something I can check
You can run
Code:
sestatus
to check if that's the case

Quote:
I would imagine that maybe the reason the ldif doesn't work for you is because you need the special schema ?
Yeah, I'm missing some objectclasses, but I tried to import the ldif just to see what happens. The id2entry.bdb and the other dbs was created as they should.
 
Old 12-30-2011, 08:45 AM   #38
fwellers
Member
 
Registered: Dec 2011
Posts: 32

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
You can run
Code:
sestatus
to check if that's the case

Yeah, I'm missing some objectclasses, but I tried to import the ldif just to see what happens. The id2entry.bdb and the other dbs was created as they should.
Thanks.
So selinux is disabled. I guess that means no permission problems right ?
 
Old 12-30-2011, 09:38 AM   #39
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,516

Rep: Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501
Yup it's disabled. I cannot think of anything else that does not allow writing!
Try to use a different directory to store the data. You can use the attached slapd.conf (adjust the schemas location) and create the /tmp/data directory to store the database.
It's the one I've used to test your ldif.
Attached Files
File Type: txt slapd.conf.txt (234 Bytes, 13 views)
 
Old 12-30-2011, 09:54 AM   #40
fwellers
Member
 
Registered: Dec 2011
Posts: 32

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
Yup it's disabled. I cannot think of anything else that does not allow writing!
Try to use a different directory to store the data. You can use the attached slapd.conf (adjust the schemas location) and create the /tmp/data directory to store the database.
It's the one I've used to test your ldif.
That seems to work, thank you !!

I run this to start it:
./slapd -f ./slapd-linux.conf -d -1

and I run this to kill it.
kill -INT `cat /usr/local/var/run/slapd.pid`

Now I will try and get it running with the script you gave me.

Thanks again Bathory !!
 
Old 12-30-2011, 10:31 AM   #41
fwellers
Member
 
Registered: Dec 2011
Posts: 32

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
Yup it's disabled. I cannot think of anything else that does not allow writing!
Try to use a different directory to store the data. You can use the attached slapd.conf (adjust the schemas location) and create the /tmp/data directory to store the database.
It's the one I've used to test your ldif.
So I am not able to start it with your script. The only thing I changed in your script was the LD_LIBRARY_PATH.
It just exits and says it can't start ldap.

But I can start it with this little script.
#!/bin/ksh

if [ $1 = "start" ]
then
cd /usr/openldap-2.4.28/servers/slapd
nohup /usr/local/libexec/slapd -f ./slapd-linux.conf &
fi
if [ $1 = "stop" ]
then
kill -INT `cat /usr/local/var/run/slapd.pid`
fi


Any idea why ?

Also I have a question.
In your slapd.conf file you have these:
suffix "o=meteorregistry.com"
rootdn "cn=Manager,o=meteorregistry.com"

I would like to change the rootdn to match what we have in our ldif which is this:
rootdn "cn=nslcadmin,o=meteorregistry.com"

Will that mess up the database if I do that ??

Thanks again !!

Floyd
 
Old 12-30-2011, 11:42 AM   #42
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,516

Rep: Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501
Quote:
So I am not able to start it with your script. The only thing I changed in your script was the LD_LIBRARY_PATH.
It just exits and says it can't start ldap.
First of all the script is not mine. Credits go to the person mentioned in the very first lines of it. Maybe it's because of the pid file being in a different place


Quote:
I would like to change the rootdn to match what we have in our ldif which is this:
rootdn "cn=nslcadmin,o=meteorregistry.com"

Will that mess up the database if I do that ??
No.
The rootdn is used when you have to run some ldap tools that need authentication (like ldapadd). Usually it's not even present in the database.

Regards
 
Old 12-30-2011, 11:54 AM   #43
fwellers
Member
 
Registered: Dec 2011
Posts: 32

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
First of all the script is not mine. Credits go to the person mentioned in the very first lines of it. Maybe it's because of the pid file being in a different place
Sorry about that. Didn't want to insinuate anything. :-) Yea it's not the pid file location, I changed that. NO biggy.



Quote:
No.
The rootdn is used when you have to run some ldap tools that need authentication (like ldapadd). Usually it's not even present in the database.

Regards
Thanks Bathory !!
You really stuck with me, and I appreciate it.
Of course this is just the beginning. <grin>
 
Old 01-04-2012, 09:43 AM   #44
fwellers
Member
 
Registered: Dec 2011
Posts: 32

Original Poster
Rep: Reputation: Disabled
I am going to mark this as solved.

the reason I couldn't get the id2entry.bdb database made was that I needed to make a directory called "db" in the database directory.
It was being pointed to by the DB_CONFIG file.

After that, I was able to import my ldif with slapadd -l [ldif file]

Thanks for all your help !!!!!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenLDAP complains of Berkeley DB version mismatch [GOD]Anck Slackware 7 06-08-2009 02:54 AM
Version incompatible (OpenLDAP) Hawkin Linux - Software 16 06-20-2008 05:08 AM
OpenLDAP with ssl version compatability Vikas Sarin Linux - Networking 0 12-17-2006 09:46 PM
Openldap BerkeleyDB version imcompatible kgao Linux - Software 3 04-12-2005 08:26 PM
Segmentation fault after OpenLDAP / Berkley DB (Slackware 8.1) cereal Linux - General 0 07-17-2003 01:34 PM


All times are GMT -5. The time now is 04:22 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration