search

ltb-project / openldap-deb

Debian packages for OpenLDAP
http://ltb-project.org/wiki/documentation/openldap-deb
GNU General Public License v3.0
14 stars 13 forks source link

Debian package needs to be rebuilt on Debian update #114

Closed guimard closed 4 months ago

guimard commented 4 months ago

After Bookworm update, my Openldap-LTB refuses to start:

668e39cd.0ce33810 0x7fc2f4226740 @(#) $OpenLDAP: slapd 2.5.18 (May 20 2024 22:00:00) $
        openldap
668e39cd.0ce683c2 0x7fc2f4226740 ch_calloc of 1 elems of 60129541696 bytes failed
slapd: ch_malloc.c:107: ch_calloc: Assertion `0' failed.

(same with Bullseye)

coudot commented 4 months ago

Can't reproduce on my side:

# cat /etc/debian_version 
11.10
# slapd-cli debug
slapd-cli: [INFO] Using /usr/local/openldap/etc/openldap/slapd-cli.conf for configuration
slapd-cli: [INFO] Halting OpenLDAP...
slapd-cli: [OK] OpenLDAP stopped
slapd-cli: [INFO] No data backup done
slapd-cli: [INFO] Launching OpenLDAP...
slapd-cli: [OK] File descriptor limit set to 1024
668e422f.0a79b774 0x7f12f977d740 @(#) $OpenLDAP: slapd 2.5.18 (May 20 2024 22:00:00) $
        openldap

Do you see what could be different on my installation?

guimard commented 4 months ago

My startup script is /usr/local/openldap/libexec/slapd -h ldap://* -u ldap -g ldap -d 256 and give the error (it's a docker)

davidcoutadeur commented 4 months ago

My OpenLDAP 2.5.18 instance on debian 12.6 is also working perfectly. Maybe is it a problem linked to docker. A memory limit or a mdb database limit reached?

Could you give more details for reproducing the bug?

davidcoutadeur commented 4 months ago

Also no problem with debian:stable docker image:

/usr/local/openldap/libexec/slapd -h ldap://* -u ldap -g ldap -d 256
668e4f4d.0697615c 0x7f2f785b2740 @(#) $OpenLDAP: slapd 2.5.18 (May 20 2024 22:00:00) $
        openldap
668e4f4d.106e7311 0x7f2f785b2740 slapd starting
guimard commented 4 months ago

My OpenLDAP 2.5.18 instance on debian 12.6 is also working perfectly. Maybe is it a problem linked to docker. A memory limit or a mdb database limit reached?

Could you give more details for reproducing the bug?

Here is my Dockerfile (users are Lemonldap Demo users):

FROM debian:bookworm-slim
ENV DEBIAN_FRONTEND=noninteractive

RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        apt-transport-https \
        ca-certificates \
        curl \
        gpg \
        wget && \
    curl https://ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project | gpg --dearmor > /usr/share/keyrings/ltb-project-openldap-archive-keyring.gpg && \
    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/ltb-project-openldap-archive-keyring.gpg] https://ltb-project.org/debian/openldap25/bookworm bookworm main" > /etc/apt/sources.list.d/ltb-project.list && \
    apt-get update && \
    apt-get install -y openldap-ltb openldap-ltb-contrib-overlays openldap-ltb-mdb-utils ldap-utils && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*
COPY ./ldif/config-20230322180123.ldif /var/backups/openldap/
COPY ./ldif/base_ldap_users.ldif /tmp
RUN rm -rf /usr/local/openldap/var/lib/ldap /usr/local/openldap/etc/openldap/slapd.d && \
    mkdir -p /usr/local/openldap/var/lib/ldap && \
    chown -R ldap:ldap /usr/local/openldap/var/lib/ldap && \
    mkdir -p /usr/local/openldap/etc/openldap/slapd.d && \
    chown -R ldap:ldap /usr/local/openldap/etc/openldap/slapd.d && \
    usr/local/openldap/sbin/slapd-cli restoreconfig -b /var/backups/openldap/config-20230322180123.ldif && \
    mkdir -p /usr/local/openldap/var/lib/ldap/data && \
    chown -R ldap:ldap /usr/local/openldap/var/lib/ldap/data && \
    /usr/local/openldap/sbin/slapadd -F /usr/local/openldap/etc/openldap/slapd.d/ -b "dc=example,dc=com" -l /tmp/base_ldap_users.ldif
EXPOSE 389
VOLUME /usr/local/openldap/var/openldap-data
CMD ["/usr/local/openldap/libexec/slapd", "-h", "ldap://*", "-u", "ldap", "-g", "ldap", "-d", "256"]

Worked fine until this month

davidcoutadeur commented 4 months ago

@guimard I have rebuilt and run your image just fine. No problem at all.

I suspect a problem with:

Especially, take care about the permissions: are the permissions correct on the data? If you have mounted a volume, you must ensure that your data belongs to ldap:ldap.

Anyway, there does not seem to be any problem with openldap-ltb packaging by themselves.

flesueur commented 4 months ago

Hi,

May be related to https://github.com/rroemhild/docker-test-openldap/issues/51 ?

Could you try to add --ulimit nofile=1024 to your docker commandline ?

François

guimard commented 4 months ago

Hi,

May be related to rroemhild/docker-test-openldap#51 ?

Could you try to add --ulimit nofile=1024 to your docker commandline ?

François

Thanks a lot, this fixes my issue!