Hi,
I'm running Centos 5, with openldap Version: 2.3.27 Release: 8.el5_2.4.
When I run:
$ sudo /etc/init.d/ldap start
I get the following error:
Starting slapd: /bin/bash: /tmp/start-slapd.l14891: Permission denied
(obviously the temp file number changes every time).
It appears to be a permission problem but I thought I did everything to set up the permissions correctly...
Everything is owned by the ldap user:
$ cd /etc/openldap/ $ ls -al total 40 drwxr-xr-x 4 ldap ldap 4096 Jan 16 18:07 . drwxr-xr-x 66 root root 4096 Jan 16 17:55 .. drwxr-xr-x 2 ldap ldap 4096 Jul 9 2008 cacerts -rw-r----- 1 ldap ldap 886 Jul 9 2008 DB_CONFIG.example -rw-r--r-- 1 ldap ldap 246 Jul 9 2008 ldap.conf drwxr-xr-x 3 ldap ldap 4096 Jan 16 17:40 schema -rw-r----- 1 ldap ldap 3456 Jan 16 18:07 slapd.conf -rw-r----- 1 ldap ldap 12288 Jan 16 18:07 .slapd.conf.swp
$ sudo ls -al /var/lib/ldap/ total 572 drwx------ 2 ldap ldap 4096 Jan 16 17:41 . drwxr-xr-x 21 root root 4096 Jan 16 17:40 .. -rw-r--r-- 1 ldap ldap 2048 Jan 16 17:41 alock -rw------- 1 ldap ldap 24576 Jan 16 17:41 __db.001 -rw------- 1 ldap ldap 278528 Jan 16 17:41 __db.002 -rw------- 1 ldap ldap 270336 Jan 16 17:41 __db.003 -rw------- 1 ldap ldap 98304 Jan 16 17:41 __db.004 -rw------- 1 ldap ldap 352256 Jan 16 17:41 __db.005 -rw------- 1 ldap ldap 24576 Jan 16 17:41 __db.006 -rw------- 1 ldap ldap 10485760 Jan 16 17:41 log.0000000001
When I run slaptest, it doesn't look great, but it doesn't look like a problem...
$ sudo /usr/sbin/slaptest bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/ldap: (2) Expect poor performance for suffix dc=XXXX,dc=net. bdb_db_open: db_open(/var/lib/ldap/id2entry.bdb) failed: No such file or directory (2) bdb(dc=XXXX,dc=net): Unknown locker ID: 0 backend_startup_one: bi_db_open failed! (2) slap_startup failed (test would succeed using the -u switch)
Does anyone know why I'm getting this permission denied message?
Thanks, Brett
I'm running Centos 5, with openldap Version: 2.3.27 Release: 8.el5_2.4.
When I run:
$ sudo /etc/init.d/ldap start
I get the following error:
Starting slapd: /bin/bash: /tmp/start-slapd.l14891: Permission denied
<snip>
Any chance that /tmp is mounted noexec? What is the output of the "mount" command?
Baryr
Maybe that's it actually. Here's the output of the mount cmd...
/dev/hdv1 on / type ufs (defaults) none on /proc type proc (defaults) none on /dev/pts type devpts (gid=5,mode=620) /vservers/XXXX/tmp on /tmp type ufs (bind,noexec) /vservers/XXXX/var/tmp on /var/tmp type ufs (bind,noexec)
It looks like /tmp is a symbolic link and mounted as noexec. Is that typical? How do I change that? My server is a "virtual server" and I wonder if I can even change that. Is there another way to run slapd without writing to the /tmp dir?
Thanks, Brett
Barry Brimer wrote:
I'm running Centos 5, with openldap Version: 2.3.27 Release: 8.el5_2.4.
When I run:
$ sudo /etc/init.d/ldap start
I get the following error:
Starting slapd: /bin/bash: /tmp/start-slapd.l14891: Permission denied
<snip>
Any chance that /tmp is mounted noexec? What is the output of the "mount" command?
Baryr _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi,
On Sun, Jan 18, 2009 at 18:54, Brett Wiesner brettwiesner@gmail.com wrote:
$ sudo /etc/init.d/ldap start Starting slapd: /bin/bash: /tmp/start-slapd.l14891: Permission denied
Your /tmp/ is mounted with noexec.
To work around this, create a directory where the script can be written to and executed (can be owned by root:root and permissions 755), for example, /etc/openldap/initscript/, and then add the following line to /etc/sysconfig/ldap (create the file if it doesn't exist):
TMP=/etc/openldap/initscript
bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/ldap: (2) Expect poor performance for suffix dc=XXXX,dc=net.
I suggest you create a /var/lib/ldap/DB_CONFIG file with content such as the one below:
set_cachesize 0 15000000 1 set_lg_regionmax 262144 set_lg_bsize 2097152 set_flags DB_LOG_AUTOREMOVE
See "man slapd-bdb" for more details.
HTH, Filipe
Thanks! That worked!
On Mon, Jan 19, 2009 at 11:10 AM, Filipe Brandenburger <filbranden@gmail.com
wrote:
Hi,
On Sun, Jan 18, 2009 at 18:54, Brett Wiesner brettwiesner@gmail.com wrote:
$ sudo /etc/init.d/ldap start Starting slapd: /bin/bash: /tmp/start-slapd.l14891: Permission denied
Your /tmp/ is mounted with noexec.
To work around this, create a directory where the script can be written to and executed (can be owned by root:root and permissions 755), for example, /etc/openldap/initscript/, and then add the following line to /etc/sysconfig/ldap (create the file if it doesn't exist):
TMP=/etc/openldap/initscript
bdb_db_open: Warning - No DB_CONFIG file found in directory
/var/lib/ldap: (2)
Expect poor performance for suffix dc=XXXX,dc=net.
I suggest you create a /var/lib/ldap/DB_CONFIG file with content such as the one below:
set_cachesize 0 15000000 1 set_lg_regionmax 262144 set_lg_bsize 2097152 set_flags DB_LOG_AUTOREMOVE
See "man slapd-bdb" for more details.
HTH, Filipe _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
Barry Brimer -
Brett Wiesner -
brettwiesner
-
Filipe Brandenburger