Ok, that's the problem. You need to edit your start-admin script. See
below inline:
Taymour A. El Erian wrote:
Richard Megginson wrote:
>Hmm - can you post your /opt/fedora-ds/start-admin script?
>
>
Here is the script
SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
unset PASSWORD_PIPE
LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
LD_LIBRARY_PATH
LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
export LIBPATH
SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
HTTPD=/usr/sbin//httpd.worker
# see if httpd is linked with the openldap libraries - we need to
override them
OS=`uname -s`
if [ $OS = "Linux" ]; then
hasol=0
/usr/bin/ldd $HTTPD 2>&1 | grep libldap- > /dev/null 2>&1 &&
hasol=1
Change "libldap-" to "libldap" in the above line.
if [ $hasol -eq 1 ] ; then
LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so
${SERVER_ROOT}/bin/admin/lib/libldap50.so"
export LD_PRELOAD
fi
fi
$HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf "$@"
The problem is that the Apache binary is linked with the openldap
libraries. Our admin server module is linked with the moz ldap sdk
which is included with FDS. Unfortunately, without the LD_PRELOAD, the
admin server module resolves those ldap symbols from the ol libs linked
into Apache.
Q: So, why not just use the openldap libs?
A: Because we require the use of NSS for crypto. openldap does not
support NSS.
>Taymour A. El Erian wrote:
>
>
>
>>Richard Megginson wrote:
>>
>>
>>
>>
>>
>>>Where is your Apache binary? Is it /usr/sbin/httpd.worker? If you do
>>>ldd /usr/bin/httpd.worker, do you see a link to libldap?
>>>
>>>
>>>
>>>
>>Here it is
>>
>>ldd /usr/sbin/httpd.worker |grep ldap
>>libldap.so.2 => //usr/lib/libldap.so.2 (0x001fd000)
>>
>>
>>
>>
>>
>>
>>>Taymour A. El Erian wrote:
>>>
>>>
>>>
>>>
>>>
>>>>Hi,
>>>>
>>>> I have just downloaded FDS 1.0 to my FC2 box for testing (thinking
>>>>of moving from OpenLDAP). I started the setup (tried the 3 modes) and
>>>>finished the installation but unfortunately I am unable to login to
>>>>the
>>>>console and I have the following errors in the log
>>>>
>>>>[Mon Dec 05 11:20:02 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :148841712
>>>>[Mon Dec 05 11:20:02 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:20:10 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :145712368
>>>>[Mon Dec 05 11:20:10 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:20:11 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :156321008
>>>>[Mon Dec 05 11:20:11 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:20:12 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :141018352
>>>>[Mon Dec 05 11:20:12 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:20:13 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :144086256
>>>>[Mon Dec 05 11:20:13 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:20:14 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :163882224
>>>>[Mon Dec 05 11:20:14 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:20:16 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :161109232
>>>>[Mon Dec 05 11:20:16 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:20:45 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :144094448
>>>>[Mon Dec 05 11:20:45 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:20:47 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :152855792
>>>>[Mon Dec 05 11:20:47 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:20:49 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :163517680
>>>>[Mon Dec 05 11:20:49 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:21:37 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :145147120
>>>>[Mon Dec 05 11:21:37 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:21:55 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :152823024
>>>>[Mon Dec 05 11:21:55 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:21:56 2005] [crit] openLDAPConnection():
>>>>ldap_set_option
>>>>failed to disable cache for :152845528
>>>>[Mon Dec 05 11:21:56 2005] [warn] Unable to open initial
>>>>LDAPConnection
>>>>to populate LocalAdmin tasks into cache.
>>>>[Mon Dec 05 11:21:56 2005] [notice] Apache/2.0 configured -- resuming
>>>>normal operations
>>>>[Mon Dec 05 11:22:39 2005] [notice] [client 212.103.165.84]
>>>>admserv_host_ip_check: Unauthorized host ip=xxx.xxx.xxx.xxx connection
>>>>rejected
>>>>
>>>>xxx.xxx.xxx.xxx is my ip address (both the server and console run
>>>>on it)
>>>>
>>>>Any help ?
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>------------------------------------------------------------------------
>>>
>>>
>>>--
>>>Fedora-directory-users mailing list
>>>Fedora-directory-users(a)redhat.com
>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>>
>------------------------------------------------------------------------
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users(a)redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
>
>