slapd won’t start after a power failure

I had a power failure earlier in the day, and apparently all of the services came back to normal afterward. However, a warning message from PWM Password Self Service said it could not connect to LDAP.  Since nothing was listening neither at port 389 nor port 636, I had to restart the daemon. Trying to start the slapd manually resulted in failure, indeed:

 # /etc/rc.d/slapd start 
slapd(failed)

Starting the daemon directly, but with -u and -g options, and -h, while skipping the rest of the rc.d script worked (sometimes :))

# /usr/local/libexec/slapd -u _openldap -g _openldap -h ldap://192.168.1.102\ ldaps://192.168.1.102

# netstat -anf inet |grep 389
tcp          0      0  192.168.1.102.389          *.*                    LISTEN

and stopping the daemon immediately after such starting worked, but a subsequent start would fail again.

A brief insight in slightly re-crafted /etc/rc.d/slapd exposed the problem:

cat /etc/rc.d/slapd
#!/bin/sh
# $OpenBSD: slapd.rc,v 1.4 2012/05/05 14:41:30 sthen Exp $

daemon=”/usr/local/libexec/slapd”
daemon_flags=”-u _openldap -g _openldap -h ldap://192.168.1.102\ ldaps://192.168.1.102\ ldapi://%2fvar%2frun%2fslapd.sock”

# To bind to multiple URLs, pass this to rc.d(8) via /etc/rc.conf.local:
# slapd_flags=”-u _openldap -h ldap:///\ ldaps:///”
# Note the escaped space between URLs. ^^

. /etc/rc.d/rc.subr

rc_reload=NO

rc_pre() {
/usr/bin/install -d -o _openldap /var/run/openldap
rm /var/run/slapd.sock
}

rc_cmd $1

And there was no /var/run/slapd.sock, required once the rc.subr is sourced later in the script, and I wasn’t re-creating one with the above-mentioned manual command, which ultimately lead to this confusion! After touching it and a chown to _openldap, the script worked well again.

Leave a Reply

Your email address will not be published. Required fields are marked *