On 02/05/2020 at 23:26, Abdelkader Chelouah wrote:
>
> Hello,
>
>
> Since the upgrade to RHEL 7.7, my openldap service with property
> |Type=forking| and property |PIDFile| defined doesn't start and its
> status shows the following error messages:
>
>
> May 02 20:02:57  systemd[1]: New main PID 445254 does not belong to
> service, and PID file is not owned by root. Refusing.
>
>
> Actually, slapd is started with -u ldap -g ldap options, so the owner
> of the pid file slapd.pid is ldap. The problem was introduced by 
> |systemd-219-67| to fix the security issue CVE-2018-16888. See
> https://access.redhat.com/solutions/4420581 for more details.
>
>
> Is there a way to overcome this issue?
>
>

Hello,


I just tested with OpenLDAP LTB packages on CentOS 7 (7.8.2003) and 8
(8.1.1911) and there is no issue.

Here is the systemd file:

[root@kptn-centos7 ~]# cat /usr/lib/systemd/system/slapd.service
[Unit]
Description=OpenLDAP LTB startup script
Documentation=https://ltb-project.org/documentation
After=syslog.target network.target

[Service]
Type=forking
PIDFile=/usr/local/openldap/var/run/slapd.pid
ExecStart=/usr/local/openldap/sbin/slapd-cli start
ExecStop=/usr/local/openldap/sbin/slapd-cli stop

[Install]
WantedBy=multi-user.target



-- 
Clément Oudot | Identity Solutions Manager

clement.ou...@worteks.com

Worteks | https://www.worteks.com
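
Added example, not part of either message and not systemd's own code: a simplified Python check of the two conditions named in the log message quoted above (the PID lies outside the service's control group, and the PID file is not owned by root). The `proc_root` parameter and the constructed /proc tree in `demo()` are assumptions made for illustration.

```python
import os, sys, tempfile
from pathlib import Path

def pid_in_unit_cgroup(pid, unit, proc_root="/proc"):
    """True if systemd's cgroup hierarchy places `pid` inside `unit`."""
    try:
        lines = Path(proc_root, str(pid), "cgroup").read_text().splitlines()
    except OSError:
        return False  # process gone or unreadable: membership cannot be confirmed
    for line in lines:
        # Line format: hierarchy-ID:controller-list:cgroup-path
        parts = line.split(":", 2)
        # cgroup v1 uses "name=systemd"; cgroup v2 has an empty controller list
        if len(parts) == 3 and parts[1] in ("", "name=systemd"):
            if unit in parts[2].split("/"):
                return True
    return False

def check_pidfile(pidfile, unit, proc_root="/proc"):
    """Report the two facts named in the log message and the resulting verdict."""
    owner_uid = os.stat(pidfile).st_uid
    pid = int(Path(pidfile).read_text().split()[0])
    in_unit = pid_in_unit_cgroup(pid, unit, proc_root)
    # Refusal needs both: PID outside the unit AND PID file not owned by root
    verdict = "refuse" if (not in_unit and owner_uid != 0) else "accept"
    return {"pid": pid, "owner_uid": owner_uid,
            "in_unit_cgroup": in_unit, "verdict": verdict}

def demo():
    """Run the check against a constructed /proc tree (sample data, not real)."""
    root = Path(tempfile.mkdtemp())
    pidfile = root / "slapd.pid"
    pidfile.write_text("445254\n")  # PID taken from the log line in the question
    proc = root / "proc" / "445254"
    proc.mkdir(parents=True)
    # Constructed: the PID sits in a user session scope, not in slapd.service
    (proc / "cgroup").write_text(
        "1:name=systemd:/user.slice/user-0.slice/session-1.scope\n")
    return check_pidfile(pidfile, "slapd.service", root / "proc")

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py <pidfile> <unit>
        print(check_pidfile(sys.argv[1], sys.argv[2]))
    else:
        print(demo())
```

Run as root with the PID file path and unit name as arguments to check a live service; with no arguments it runs against the constructed sample.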
