On 2/19/26 6:57 PM, Ondřej Kuzník wrote:
It could be related to actual (TLS?) startup which doesn't happen for slap* tool setup. If you start slapd by hand with `-d config` (or `-d any` if you want full output) does anything new show up on stderr? If it does start up just fine, then I'd look the way of how it's started (selinux/apparmor/... interference) as well but let's start from the bottom.
Interestingly running slapd manually seems to work. These are the steps I did, 1. delete olcTLSCipherSuite: NORMAL 2. Set olcSecurity: tls=0 3. Remove ldaps:/// from slapd -h in systemd service file 4. Update source.list and install slapd from trixie 4. start with slapd -d config -h "ldap:/// ldapi:///" 5. Add olcTLSCipherSuite: HIGH 6. Remove olcSecurity: tls=0 Still systemctl start slapd fails, but systemd still cannot start.Manually running this same command (after creating the directories and adjusting permissions) works fine, but somehow systemd is failing to start it.
# cat /etc/systemd/system/slapd.service.d/override.conf [Service] ExecStart= ExecStartPre=/bin/mkdir -p /var/run/slapd ExecStartPre=/bin/chown openldap:openldap /var/run/slapdExecStart=/usr/sbin/slapd -h "ldap:/// ldapi:///" -F /etc/ldap/slapd.d -u openldap -g openldap
OpenPGP_0x8F53E0193B294B75.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
