LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
LinkBack Search this Thread
Old 01-09-2004, 09:55 AM   #1
jjge
Member
 
Registered: Jun 2003
Location: Kalkar, Germany
Distribution: Slackware
Posts: 81

Rep: Reputation: 15
LDAP: slapd is not listening!


I am running openLDAP on Slackware 9.1. The daemon slapd starts up without parameters and is visible in "ps ax", but somehow it is not listening on default port 389, nor on any other port (I tried fuser -n tcp 389 and netstat -l -p).

I do not see anything remarkable in /var/log/messages or debug, nor does strace give me a clue-- but I do not know exactly what to look for...

Can anyone help me? advthanksance joopg
 
Old 01-09-2004, 03:03 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
Can you post the output of:
netstat -nlp

Also the contents of your slapd.conf file.
 
Old 01-10-2004, 07:19 AM   #3
jjge
Member
 
Registered: Jun 2003
Location: Kalkar, Germany
Distribution: Slackware
Posts: 81

Original Poster
Rep: Reputation: 15
OK, here it is:
****************** slapd.conf ***********************************************
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/mull.schema
#
#include_/usr/share/openldap/schema/corba.schema
#include_/usr/share/openldap/schema/java.schema
#include_/usr/share/openldap/schema/krb5-kdc.schema
#include /usr/share/openldap/schema/kerberosobject.schema
#include_/usr/share/openldap/schema/misc.schema
#include_/usr/share/openldap/schema/nis.schema
#include_/usr/share/openldap/schema/openldap.schema
#include /usr/share/openldap/schema/autofs.schema
#include /usr/share/openldap/schema/samba.schema
#include_/etc/openldap/schema/local.schema
#include ________/etc/openldap/slapd.access.conf
#

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /usr/local/openldap-2.1.2/var/slapd.pid
argsfile /usr/local/openldap-2.1.2/var/slapd.args

# Load dynamic backend modules:
# modulepath /usr/local/openldap-2.1.2/libexec/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la

# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy is:
# Allow read by all
#
# rootdn can always write!

#######################################################################
# ldbm database definitions
#######################################################################

database bdb
suffix "dc=jjge,dc=de"
rootdn "cn=Manager,dc=jjge,dc=de"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw ****
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /usr/local/openldap-2.1.2/var/openldap-data
# Indices to maintain
index objectClass eq
index cn,sn,uid pres,eq,sub
lastmod on
# Access Rights
access to attr=userpassword
by self write
by anonymous auth
by dn="cn=Manager,dc=jjge,dc=de" write
by * none
access to attr=mail
by self write
by dn=".*,dc=jjge,dc=de" read
by * search
access to attr=entry
by * read
access to dn=".*,ou=Roaming,dc=jjge,dc=de/"
by dnattr=owner write
access to *
by self write
by dn=".*,dc=jjge,dc=de" read
by anonymous auth
by * none
# LDAP object size restriction
sockbuf_max_incoming 1000000

*** output from netstat -nlp ***************************************************
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN 1197/inetd
tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN 1197/inetd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 1225/smbd
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 1216/sendmail: acce
tcp 0 0 0.0.0.0:11 0.0.0.0:* LISTEN 1197/inetd
tcp 0 0 127.0.0.1:7501 0.0.0.0:* LISTEN 1260/ncpd
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 1197/inetd
tcp 0 0 0.0.0.0:79 0.0.0.0:* LISTEN 1197/inetd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1096/rpc.portmap
tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN 1197/inetd
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 1197/inetd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1200/sshd
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN 1242/cupsd
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 1197/inetd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1216/sendmail: acce
udp 0 0 0.0.0.0:512 0.0.0.0:* 1197/inetd
udp 0 0 0.0.0.0:32769 0.0.0.0:* -
udp 0 0 0.0.0.0:518 0.0.0.0:* 1197/inetd
udp 0 0 192.168.87.5:137 0.0.0.0:* 1227/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 1227/nmbd
udp 0 0 192.168.87.5:138 0.0.0.0:* 1227/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 1227/nmbd
udp 0 0 0.0.0.0:800 0.0.0.0:* -
udp 0 0 0.0.0.0:37 0.0.0.0:* 1197/inetd
udp 0 0 0.0.0.0:111 0.0.0.0:* 1096/rpc.portmap
udp 0 0 0.0.0.0:631 0.0.0.0:* 1242/cupsd
udp 0 0 127.0.0.1:1023 0.0.0.0:* 1267/plpnfsd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 1539 1345/gdm-binary /tmp/.gdm_socket
unix 2 [ ACC ] STREAM LISTENING 39359 8956/kdeinit: ksmse /tmp/.ICE-unix/8956
unix 2 [ ACC ] STREAM LISTENING 39322 8951/artsd /tmp/mcop-jjge/Penti_jjge-22f7-3fffc568
unix 2 [ ACC ] STREAM LISTENING 37344 7315/X /tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 1562 1358/postmaster /tmp/.s.PGSQL.5432
unix 2 [ ACC ] STREAM LISTENING 39209 8927/kdeinit: dcops /tmp/.ICE-unix/dcop8927-1073726822
unix 2 [ ACC ] STREAM LISTENING 39230 8930/kdeinit: klaun /tmp/ksocket-jjge/klaunchersbUtea.slave-socket
unix 2 [ ACC ] STREAM LISTENING 1365 1230/gpm /dev/gpmctl
unix 2 [ ACC ] STREAM LISTENING 39205 8924/kdeinit: Runni /tmp/ksocket-jjge/kdeinit-:0
Active IPX sockets
Proto Recv-Q Send-Q Local Address Foreign Address State
 
Old 01-10-2004, 07:35 AM   #4
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
Try setting:
loglevel 8

In slapd.conf then stop slapd:
killall slapd

Then manually start slapd and look for errors in the output:
/path/to/slapd
 
Old 01-10-2004, 08:03 AM   #5
jjge
Member
 
Registered: Jun 2003
Location: Kalkar, Germany
Distribution: Slackware
Posts: 81

Original Poster
Rep: Reputation: 15
I found the following in /var/log/debug:

Jan 10 14:56:34 Penti slapd[10965]: daemon: socket() failed errno=97 (Address family not supported by protocol)
Jan 10 14:56:34 Penti slapd[10965]: bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)
Jan 10 14:56:35 Penti slapd[10965]: /usr/local/etc/openldap/schema/mull.schema: line 45: unknown directive ")" outside backend info and database definitions (ignored)
Jan 10 14:56:35 Penti slapd[10965]: bdb_db_init: Initializing BDB database

The first line looks relevant, but it is not exactly clear to me what it should mean... which address family?
 
Old 01-10-2004, 08:11 AM   #6
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
Was that with the debug increased? Try:
/path/to/slapd -d8

A bit of googleing shows that people have had similar messages from ssl cert file permissions not being readable by the ldap user.
 
Old 01-10-2004, 10:02 AM   #7
jjge
Member
 
Registered: Jun 2003
Location: Kalkar, Germany
Distribution: Slackware
Posts: 81

Original Poster
Rep: Reputation: 15
yes, I did set loglevel 8 before restarting.

Anyway, slapd -d8 gives similar messages, in particular the "address family not supported" message.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
openldap replication master/slave slapd.conf paul_mat Linux - Networking 1 11-30-2005 01:54 PM
Bad DN starting slapd mago Linux - Networking 1 11-13-2005 02:19 PM
Ldap is listening but won't do anything Homer Glemkin Linux - Software 1 12-31-2004 02:10 PM
LDAP's slapd & slurpd does not work!!! lewkh Linux - Newbie 0 10-13-2004 10:56 PM
ldap-abook unable to get street name in ldap-entry Jingle Linux - Software 1 06-06-2004 07:13 PM


All times are GMT -5. The time now is 05:23 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration