I had a power failure earlier in the day, and apparently all of the services came back to normal afterward. However, a warning message from PWM Password Self Service said it could not connect to LDAP. Since nothing was listening neither at port 389 nor port 636, I had to restart the daemon. Trying to start the slapd manually resulted in failure, indeed:
# /etc/rc.d/slapd start
Starting the daemon directly, but with -u and -g options, and -h, while skipping the rest of the rc.d script worked (sometimes :))
# /usr/local/libexec/slapd -u _openldap -g _openldap -h ldap://192.168.1.102\ ldaps://192.168.1.102
# netstat -anf inet |grep 389
tcp 0 0 192.168.1.102.389 *.* LISTEN
and stopping the daemon immediately after such starting worked, but a subsequent start would fail again.
A brief insight in slightly re-crafted /etc/rc.d/slapd exposed the problem:
# $OpenBSD: slapd.rc,v 1.4 2012/05/05 14:41:30 sthen Exp $
daemon_flags=”-u _openldap -g _openldap -h ldap://192.168.1.102\ ldaps://192.168.1.102\ ldapi://%2fvar%2frun%2fslapd.sock”
# To bind to multiple URLs, pass this to rc.d(8) via /etc/rc.conf.local:
# slapd_flags=”-u _openldap -h ldap:///\ ldaps:///”
# Note the escaped space between URLs. ^^
/usr/bin/install -d -o _openldap /var/run/openldap
And there was no /var/run/slapd.sock, required once the rc.subr is sourced later in the script, and I wasn’t re-creating one with the above-mentioned manual command, which ultimately lead to this confusion! After touching it and a chown to _openldap, the script worked well again.