slapd - slow starting
UEMURA (fka. MAENAKA) Tetsuya
maenaka at pluto.dti.ne.jp
Mon Jul 10 15:15:49 UTC 2006
Posted on Mon, 10 Jul 2006 15:27:39 +0200
by author Eric Masson <e-masson at kisoft-services.com>
> Chicken & Egg problem, the system queries the ldap backend to get
> informations about the account it will use to start the ldap backend.
Indeed. So that by adding `bind_policy soft' to nss_ldap.conf to force
nss to quit querying immediately if LDAP server isn't ready.
Note that by default, LDAP server tries to resolv user:ldap and
group:ldap, and of course both must be resolvable without LDAP server
itself, add user:ldap and group:ldap to /etc files.
Anyway, my nss_ldap.conf has only the follwing 4 lines, FYI.
maenaka@~> grep -vE '^#|^$' < /usr/local/etc/nss_ldap.conf
base dc=ldapserver
uri ldapi://%2fvar%2frun%2fopenldap%2fldapi/
bind_timelimit 5
bind_policy soft
maenaka@~> ls -laR /var/run/openldap/
total 8
drwxrwxr-x 2 root ldap 512 Jul 9 00:13 .
drwxr-xr-x 8 root wheel 1024 Jul 11 00:14 ..
srwxrwxrwx 1 root ldap 0 Jul 9 00:13 ldapi
-rw-r--r-- 1 ldap ldap 94 Jul 9 00:13 slapd.args
-rw-r--r-- 1 ldap ldap 6 Jul 9 00:13 slapd.pid
--
UEMURA (fka. MAENAKA) Tetsuya <maenaka at pluto.dti.ne.jp>
More information about the freebsd-stable
mailing list