Openldap意外关闭

Question

我从源tarball安装了openldap 2.4.35，在CentSO 6.4 x86_64上安装了berkeleydb 5.0.32.NC。

运行几天后，ldap服务器意外关闭。这是最后一个日志：

ber_get_next
TLS trace: SSL3 alert read:warning:close notify 
52b7b798 ber_get_next on fd 13 failed errno=0 (Success)
52b7b798 conn=1023 op=70 do_unbind
52b7b798 connection_close: conn=1023 sd=13
TLS trace: SSL3 alert write:warning:close notify
52b7cbba daemon: shutdown requested and initiated.
52b7cbba slapd shutdown: waiting for 0 operations/tasks to finish
52b7cbba slapd shutdown: initiated
52b7cbba ====> bdb_cache_release_all
52b7cbba slapd destroy: freeing system resources.
52b7cbba slapd stopped.

配置文件(slapd.conf)：

include         /home/ucportal/local/openldap/etc/openldap/schema/core.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/corba.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/cosine.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/duaconf.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/dyngroup.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/inetorgperson.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/java.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/misc.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/nis.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/openldap.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/ppolicy.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/collective.schema
include         /home/ucportal/local/openldap/etc/openldap/schema/uc.schema

pidfile         /home/ucportal/local/openldap/var/run/slapd.pid
argsfile        /home/ucportal/local/openldap/var/run/slapd.args

loglevel        1
logfile /home/ucportal/openldap/var/log/slapd.log

database        bdb
suffix          "dc=ucweb,dc=com"
rootdn          "cn=admin,dc=ucweb,dc=com"

rootpw  123456

directory       /home/ucportal/local/openldap/var/openldap-data

index   objectClass     eq
index entryUUID,entryCSN eq

TLSCACertificateFile /home/ucportal/openldap/etc/openldap/cacerts/ca.crt
TLSCertificateFile /home/ucportal/openldap/etc/openldap/ldap-server.crt
TLSCertificateKeyFile /home/ucportal/openldap/etc/openldap/ldap-key.pem

注意:我使用非根用户安装并运行openldap。

我使用这个命令启动ldap守护进程：slapd -f ~/openldap/etc/openldap/slapd.conf -d 1 -h 'ldaps://0.0.0.0:6361'

有什么建议吗？

Answer 1

对于开放LDAP服务器来说，这是一个非常常见的问题，首先，我建议您将这个问题迁移到serverfault。这将是一个很好的实践，总是使用根权限运行守护进程。

基于我到目前为止的研究，我想与你分享这些联系，我希望它们可以帮助你解决你的问题。

• kunena/Itemid,232/catid,10/func,view/id,19945/
• http://www.openldap.org/lists/openldap-software/200502/msg00268.html

配置OpenLDAP

• https://serverfault.com/questions/138286/configuring-openldap-and-ssl
• http://www.openldap.org/doc/admin24/slapdconf2.html