Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1029040: 389-ds-base: systemd unit file not restarting ldap server after segfault
54 views
Skip to first unread message
laf...@sysmocom.de
Jan 16, 2023, 2:50:03 PM1/16/23
to
Package: 389-ds-base
Version: 1.4.4.11-2
Severity: normal
Dear Maintainer,
I recently noticed that the systemd unit file distributed with this
package does not specify any Restart= policy. According to the systemd
documentation, this means the implicit default of Restart=no is used.
This is rather sad, as any bug in the server (such as one that leads to
its segfault) will render the service disabled without recovering
automatically.
I've recently ran into that situation:
Jan 16 16:17:07 REDACTED ns-slapd[166]: [16/Jan/2023:16:17:07.675187250 +0000] - NOTICE - bdb_db_compact_one_db - compactdb: compact userRoot - 1 pages freed
Jan 16 16:17:07 REDACTED systemd[1]: dir...@ldap.service: Main process exited, code=killed, status=11/SEGV
Jan 16 16:17:07 REDACTED systemd[1]: dir...@ldap.service: Failed with result 'signal'.
Jan 16 16:17:07 REDACTED systemd[1]: dir...@ldap.service: Consumed 3h 5min 10.445s CPU time.
Now of course in an ideal world processed would never segfault.
However, that's besides the point. A vital service like LDAP should
attempt to recover/respawn after it crashes for whatever reason.
So I would like to suggest that a "Restart=always" line is added to the
dirsrv@.service file.
-- System Information:
Debian Release: 11.6
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-16-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages 389-ds-base depends on:
ii 389-ds-base-libs 1.4.4.11-2
ii acl 2.2.53-10
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.77
ii ldap-utils 2.4.57+dfsg-3+deb11u1
ii libc6 2.31-13+deb11u5
ii libcrypt1 1:4.4.18-4
ii libdb5.3 5.3.28+dfsg1-0.8
ii libicu67 67.1-7
ii libldap-2.4-2 2.4.57+dfsg-3+deb11u1
ii libmozilla-ldap-perl 1.5.3-3+b2
ii libnetaddr-ip-perl 4.079+dfsg-1+b5
ii libnspr4 2:4.29-1
ii libnss3 2:3.61-1+deb11u2
ii libpam0g 1.4.0-9+deb11u1
ii libsasl2-2 2.1.27+dfsg-2.1+deb11u1
ii libsasl2-modules-gssapi-mit 2.1.27+dfsg-2.1+deb11u1
ii libsnmp40 5.9+dfsg-4+deb11u1
ii libsocket-getaddrinfo-perl 0.22-3
ii libsystemd0 247.3-7+deb11u1
ii perl 5.32.1-4+deb11u2
ii python3 3.9.2-3
ii python3-lib389 1.4.4.11-2
ii python3-selinux 3.1-3
ii python3-semanage 3.1-1+b2
ii python3-sepolicy 3.1-1
ii systemd 247.3-7+deb11u1
389-ds-base recommends no packages.
389-ds-base suggests no packages.
-- Configuration Files:
/etc/dirsrv/config/certmap.conf [Errno 13] Permission denied: '/etc/dirsrv/config/certmap.conf'
/etc/dirsrv/config/ldap-agent.conf [Errno 13] Permission denied: '/etc/dirsrv/config/ldap-agent.conf'
/etc/dirsrv/config/slapd-collations.conf [Errno 13] Permission denied: '/etc/dirsrv/config/slapd-collations.conf'
/etc/dirsrv/config/template-initconfig [Errno 13] Permission denied: '/etc/dirsrv/config/template-initconfig'
/etc/dirsrv/schema/99user.ldif [Errno 13] Permission denied: '/etc/dirsrv/schema/99user.ldif'
-- no debconf information
Version: 1.4.4.11-2
Severity: normal
Dear Maintainer,
I recently noticed that the systemd unit file distributed with this
package does not specify any Restart= policy. According to the systemd
documentation, this means the implicit default of Restart=no is used.
This is rather sad, as any bug in the server (such as one that leads to
its segfault) will render the service disabled without recovering
automatically.
I've recently ran into that situation:
Jan 16 16:17:07 REDACTED ns-slapd[166]: [16/Jan/2023:16:17:07.675187250 +0000] - NOTICE - bdb_db_compact_one_db - compactdb: compact userRoot - 1 pages freed
Jan 16 16:17:07 REDACTED systemd[1]: dir...@ldap.service: Main process exited, code=killed, status=11/SEGV
Jan 16 16:17:07 REDACTED systemd[1]: dir...@ldap.service: Failed with result 'signal'.
Jan 16 16:17:07 REDACTED systemd[1]: dir...@ldap.service: Consumed 3h 5min 10.445s CPU time.
Now of course in an ideal world processed would never segfault.
However, that's besides the point. A vital service like LDAP should
attempt to recover/respawn after it crashes for whatever reason.
So I would like to suggest that a "Restart=always" line is added to the
dirsrv@.service file.
-- System Information:
Debian Release: 11.6
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-16-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages 389-ds-base depends on:
ii 389-ds-base-libs 1.4.4.11-2
ii acl 2.2.53-10
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.77
ii ldap-utils 2.4.57+dfsg-3+deb11u1
ii libc6 2.31-13+deb11u5
ii libcrypt1 1:4.4.18-4
ii libdb5.3 5.3.28+dfsg1-0.8
ii libicu67 67.1-7
ii libldap-2.4-2 2.4.57+dfsg-3+deb11u1
ii libmozilla-ldap-perl 1.5.3-3+b2
ii libnetaddr-ip-perl 4.079+dfsg-1+b5
ii libnspr4 2:4.29-1
ii libnss3 2:3.61-1+deb11u2
ii libpam0g 1.4.0-9+deb11u1
ii libsasl2-2 2.1.27+dfsg-2.1+deb11u1
ii libsasl2-modules-gssapi-mit 2.1.27+dfsg-2.1+deb11u1
ii libsnmp40 5.9+dfsg-4+deb11u1
ii libsocket-getaddrinfo-perl 0.22-3
ii libsystemd0 247.3-7+deb11u1
ii perl 5.32.1-4+deb11u2
ii python3 3.9.2-3
ii python3-lib389 1.4.4.11-2
ii python3-selinux 3.1-3
ii python3-semanage 3.1-1+b2
ii python3-sepolicy 3.1-1
ii systemd 247.3-7+deb11u1
389-ds-base recommends no packages.
389-ds-base suggests no packages.
-- Configuration Files:
/etc/dirsrv/config/certmap.conf [Errno 13] Permission denied: '/etc/dirsrv/config/certmap.conf'
/etc/dirsrv/config/ldap-agent.conf [Errno 13] Permission denied: '/etc/dirsrv/config/ldap-agent.conf'
/etc/dirsrv/config/slapd-collations.conf [Errno 13] Permission denied: '/etc/dirsrv/config/slapd-collations.conf'
/etc/dirsrv/config/template-initconfig [Errno 13] Permission denied: '/etc/dirsrv/config/template-initconfig'
/etc/dirsrv/schema/99user.ldif [Errno 13] Permission denied: '/etc/dirsrv/schema/99user.ldif'
-- no debconf information
0 new messages