slapd won’t start after a power failure

I had a power failure earlier in the day, and apparently all of the services came back to normal afterward. However, a warning message from PWM Password Self Service said it could not connect to LDAP.  Since nothing was listening neither at port 389 nor port 636, I had to restart the daemon. Trying to start the slapd manually resulted in failure, indeed:

 # /etc/rc.d/slapd start 

Starting the daemon directly, but with -u and -g options, and -h, while skipping the rest of the rc.d script worked (sometimes :))

# /usr/local/libexec/slapd -u _openldap -g _openldap -h ldap://\ ldaps://

# netstat -anf inet |grep 389
tcp          0      0          *.*                    LISTEN

and stopping the daemon immediately after such starting worked, but a subsequent start would fail again.

A brief insight in slightly re-crafted /etc/rc.d/slapd exposed the problem:

cat /etc/rc.d/slapd
# $OpenBSD: slapd.rc,v 1.4 2012/05/05 14:41:30 sthen Exp $

daemon_flags=”-u _openldap -g _openldap -h ldap://\ ldaps://\ ldapi://%2fvar%2frun%2fslapd.sock”

# To bind to multiple URLs, pass this to rc.d(8) via /etc/rc.conf.local:
# slapd_flags=”-u _openldap -h ldap:///\ ldaps:///”
# Note the escaped space between URLs. ^^

. /etc/rc.d/rc.subr


rc_pre() {
/usr/bin/install -d -o _openldap /var/run/openldap
rm /var/run/slapd.sock

rc_cmd $1

And there was no /var/run/slapd.sock, required once the rc.subr is sourced later in the script, and I wasn’t re-creating one with the above-mentioned manual command, which ultimately lead to this confusion! After touching it and a chown to _openldap, the script worked well again.

Leave a Reply

Your email address will not be published. Required fields are marked *