openldap slapd startup delay

Sean McNeil sean at mcneil.com
Wed Nov 17 12:35:57 PST 2004 

On Wed, 2004-11-17 at 13:50 +0000, Dick Davies wrote:
> * Ivan Voras <ivoras at fer.hr> [1124 13:24]:
> > I'm running pam_ldap & nss_ldap fine, but there's a huge delay when 
> > slapd starts (upto 30sec.). During the delay there's no load on the 
> > machine, and it's listening on hosts that are name-resolvable via 
> > /etc/hosts (it has priority in /etc/nsswitch.conf).
> 
> I saw this for the past three weeks - it appears to be a problem with
> the rc script. If you run 'ps awwux'and copy the command line shown to
> a script, it starts straight away.
> 
> 
> I replaced it with this, which starts instantly :
> 
> 
> root at eris exim # less /usr/local/etc/rc.d/000._slappy.sh 
> #!/bin/sh
> 
> # please don't mistake me for someone who gives a shit that I check a pidfile
> # twice in the stop function, I am too old and lazy to learn shell.
> 
> 
> DAEMON="/usr/local/libexec/slapd"
> PIDFILE="/var/run/openldap/slapd.pid"
> CFG="/usr/local/etc/openldap/slapd.conf"
> FLAGS='-h ldaps://ldap.domain/ ldap://ldap.domain -u ldap -g ldap'
> 
> 
> case $1 in
> start)
>     [ -x ${DAEMON} ] && {
>         echo -n ' starting slapd'
>         ${DAEMON} ${FLAGS}
>     }
>     ;;
> 
> stop)
>     [ -f ${PIDFILE} ] || ( echo ' slapd not running? (no ${PIDFILE})' && exit )
>     [ -f ${PIDFILE} ] && {
>         echo -n ' stopping slapd'
>         kill `cat ${PIDFILE}`
>     }
>     ;;
> 
> restart)
>         stop
> 				start
>     ;;
> 
> *)
>     echo "usage: `basename $0` {start|stop|restart}" >&2
>     exit 64
>     ;;
> esac

Does this fix the start delay, or the problem with stop?  I have traced
through the start delay and found it is because slapd is opening the
socket and then there is a lookup on group which causes it to try to
read from slapd and you are in a deadlock until the socket times out.
This has always been normal for me (the delay on startup) and others.

Sean

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20041117/01f7ef79/attachment.bin

More information about the freebsd-current mailing list