Urgent: today's F14 catastrophe with openldap-servers update
Panu Matilainen
pmatilai at laiskiainen.org
Tue Nov 23 12:50:50 UTC 2010
On Tue, 23 Nov 2010, Panu Matilainen wrote:
> On Tue, 23 Nov 2010, Paul Howarth wrote:
>
>> On 23/11/10 10:11, Patrick MONNERAT wrote:
>>> While applying today's updates on a machine running a slapd server, the
>>> following error occurred:
>>>
>>> Stopping slapd: [ OK ]
>>> Checking configuration files for slapd: [FAILED]
>>> bdb(dc=linuxdev,dc=datasphere,dc=ch): Build signature doesn't match
>>> environment
>>> bdb_db_open: database "dc=linuxdev,dc=datasphere,dc=ch" cannot be
>>> opened, err -30971. Restore from backup!
>>> backend_startup_one (type=bdb,
>>> suffix="dc=linuxdev,dc=datasphere,dc=ch"): bi_db_open failed! (-30971)
>>> slap_startup failed (test would succeed using the -u switch)
>>> stale lock files may be present in /var/lib/ldap[WARNING]
>>> /var/lib/ldap /
>>> /
>>>
>>> as a result, the ldap server is not running anymore, I cannot start it
>>> manually and I have no recent backup.
>>>
>>> I cannot even use slapcat (after update) on the current data.
>>>
>>> This is quite urgent since ldap data are heavily used by our
>>> applications.
>>> Please help !
>>
>> Just had the same thing happen to me.
>>
>> Worked around it by doing:
>>
>> # yum downgrade openldap openldap-servers openldap-clients
>> # slapcat > my.ldif
>> # yum update openldap openldap-servers openldap-clients
>>
>> Remove contents of /var/lib/ldap except DB_CONFIG
>>
>> # slapadd < my.ldif
>> # chown ldap:ldap /var/lib/ldap/*
>> # restorecon -rvF /var/lib/ldap
>> # service slapd start
>>
>> It came back up OK.
>>
>> Looks like the new openldap is built against a different BerkeleyDB than
>> the old one.
>
> Yup, Berkeley DB is picky about its environment. It should be sufficient
> to to do 'rm -f /var/lib/ldap/__db.*; service slapd start' to recover
> from the upgrade.
...but just in case: I'm not at all familiar with openldap specifics.
The openldap maintenance guide has the correct procedure for upgrades:
http://www.openldap.org/doc/admin24/maintenance.html (which is basically
the steps explained by Paul above)
- Panu -
More information about the devel
mailing list