openldap slapd startup delay
Sean McNeil
sean at mcneil.com
Wed Nov 17 12:35:57 PST 2004
On Wed, 2004-11-17 at 13:50 +0000, Dick Davies wrote:
> * Ivan Voras <ivoras at fer.hr> [1124 13:24]:
> > I'm running pam_ldap & nss_ldap fine, but there's a huge delay when
> > slapd starts (upto 30sec.). During the delay there's no load on the
> > machine, and it's listening on hosts that are name-resolvable via
> > /etc/hosts (it has priority in /etc/nsswitch.conf).
>
> I saw this for the past three weeks - it appears to be a problem with
> the rc script. If you run 'ps awwux'and copy the command line shown to
> a script, it starts straight away.
>
>
> I replaced it with this, which starts instantly :
>
>
> root at eris exim # less /usr/local/etc/rc.d/000._slappy.sh
> #!/bin/sh
>
> # please don't mistake me for someone who gives a shit that I check a pidfile
> # twice in the stop function, I am too old and lazy to learn shell.
>
>
> DAEMON="/usr/local/libexec/slapd"
> PIDFILE="/var/run/openldap/slapd.pid"
> CFG="/usr/local/etc/openldap/slapd.conf"
> FLAGS='-h ldaps://ldap.domain/ ldap://ldap.domain -u ldap -g ldap'
>
>
> case $1 in
> start)
> [ -x ${DAEMON} ] && {
> echo -n ' starting slapd'
> ${DAEMON} ${FLAGS}
> }
> ;;
>
> stop)
> [ -f ${PIDFILE} ] || ( echo ' slapd not running? (no ${PIDFILE})' && exit )
> [ -f ${PIDFILE} ] && {
> echo -n ' stopping slapd'
> kill `cat ${PIDFILE}`
> }
> ;;
>
> restart)
> stop
> start
> ;;
>
> *)
> echo "usage: `basename $0` {start|stop|restart}" >&2
> exit 64
> ;;
> esac
Does this fix the start delay, or the problem with stop? I have traced
through the start delay and found it is because slapd is opening the
socket and then there is a lookup on group which causes it to try to
read from slapd and you are in a deadlock until the socket times out.
This has always been normal for me (the delay on startup) and others.
Sean
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20041117/01f7ef79/attachment.bin
More information about the freebsd-current
mailing list