Package: slapd Version: 2.3.27-1 Severity: Important Hello,
I noticed that I (slapd? slapindex?) created some index files owned by root by accident after introducing new index-directives for samba in slapd.conf effect: bdb_db_open: dbenv_open(/var/lib/ldap) bdb_db_open: Database cannot be opened, err 13. Restore from backup! ====> bdb_cache_release_all bdb(dc=schule): DB_ENV->lock_id_free interface requires an environment configured for the locking subsystem bdb(dc=schule): txn_checkpoint interface requires an environment configured for the transaction subsystem bdb_db_close: txn_checkpoint failed: Invalid argument (22) backend_startup_one: bi_db_open failed! (13) slapd shutdown: initiated cause: rw-r--r-- 1 openldap openldap 4,0K 2006-10-23 18:03 alock -rw------- 1 openldap openldap 344K 2006-10-23 17:53 cn.bdb -rw------- 1 root root 8,0K 2006-10-23 17:59 __db.001 -rw------- 1 root root 2,6M 2006-10-23 17:59 __db.002 -rw------- 1 root root 96K 2006-10-23 17:59 __db.003 -rw------- 1 root root 552K 2006-10-23 17:59 __db.004 -rw------- 1 root root 24K 2006-10-23 17:59 __db.005 -rw-r--r-- 1 openldap openldap 96 2006-10-12 22:41 DB_CONFIG -rw------- 1 openldap openldap 500K 2006-10-23 17:59 dn2id.bdb -rw------- 1 openldap openldap 24K 2006-10-23 17:53 gidNumber.bdb -rw------- 1 root root 696K 2006-10-23 17:53 givenName.bdb -rw------- 1 openldap openldap 4,3M 2006-10-23 17:59 id2entry.bdb -rw------- 1 openldap openldap 10M 2006-10-18 11:58 log.0000000001 -rw------- 1 openldap openldap 10M 2006-10-18 12:02 log.0000000002 -rw------- 1 openldap openldap 10M 2006-10-18 12:05 log.0000000003 -rw------- 1 openldap openldap 10M 2006-10-18 12:07 log.0000000004 -rw------- 1 openldap openldap 10M 2006-10-18 12:10 log.0000000005 -rw------- 1 openldap openldap 10M 2006-10-18 12:14 log.0000000006 -rw------- 1 openldap openldap 10M 2006-10-18 12:21 log.0000000007 -rw------- 1 openldap openldap 10M 2006-10-18 12:23 log.0000000008 -rw------- 1 openldap openldap 10M 2006-10-18 12:25 log.0000000009 -rw------- 1 openldap openldap 10M 2006-10-18 12:26 log.0000000010 -rw------- 1 openldap openldap 10M 2006-10-18 12:31 log.0000000011 -rw------- 1 openldap openldap 10M 2006-10-18 12:45 log.0000000012 -rw------- 1 openldap openldap 10M 2006-10-18 12:49 log.0000000013 -rw------- 1 openldap openldap 10M 2006-10-18 12:51 log.0000000014 -rw------- 1 openldap openldap 10M 2006-10-18 12:53 log.0000000015 -rw------- 1 openldap openldap 10M 2006-10-18 12:55 log.0000000016 -rw------- 1 openldap openldap 10M 2006-10-18 12:56 log.0000000017 -rw------- 1 openldap openldap 10M 2006-10-18 12:58 log.0000000018 -rw------- 1 openldap openldap 10M 2006-10-18 13:07 log.0000000019 -rw------- 1 openldap openldap 10M 2006-10-19 22:17 log.0000000020 -rw------- 1 openldap openldap 10M 2006-10-23 17:53 log.0000000021 -rw------- 1 root root 5,1M 2006-10-23 17:59 log.0000000022 -rw------- 1 openldap openldap 68K 2006-10-23 17:53 memberUid.bdb -rw------- 1 openldap openldap 164K 2006-10-23 17:59 objectClass.bdb -rw------- 1 openldap openldap 8,0K 2006-10-23 17:53 sambaDomainName.bdb -rw------- 1 root root 24K 2006-10-23 17:53 sambaPrimaryGroupSID.bdb -rw------- 1 openldap openldap 44K 2006-10-23 17:53 sambaSID.bdb -rw------- 1 root root 344K 2006-10-23 17:53 sn.bdb -rw------- 1 openldap openldap 40K 2006-10-23 17:59 uid.bdb -rw------- 1 openldap openldap 40K 2006-10-23 17:59 uidNumber.bdb Saldy I cannot say, what exactly caused this, because I'm quite new in LDAP. What I've done is: 1st Modifying slapd.conf based on the smbldap-tools suggestions 2nd Restarted sldapd, noticed it didn't worked. 3rd Run slapindex as root, since is what introduced as index building utility 4th Noticed, that slapd still didn't start 5th Turned debugging on 6th Noticed potential permission / read trouble by checking /var/lib/ldap 7th chown openldap.openldap * 8th problem solved. However, even if I've done terrible wrong by running slapindex as root, I strongly recommend showing a warning message if slapindex is up to produce an inconsistent database (database, that openldap is unable to read by debian defaults). Btw. I've set serverity: important, since inconsitent LDAP-DBs might cause system to fail as a whole. Feel free to set it to wishlist. Greets, Thorsten. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]