Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Debian package needs to be rebuilt on Debian update #114

Closed
guimard opened this issue Jul 10, 2024 · 8 comments
Closed

Debian package needs to be rebuilt on Debian update #114

guimard opened this issue Jul 10, 2024 · 8 comments
Labels
question

Comments

@guimard
Copy link

guimard commented Jul 10, 2024

After Bookworm update, my Openldap-LTB refuses to start:

668e39cd.0ce33810 0x7fc2f4226740 @(#) $OpenLDAP: slapd 2.5.18 (May 20 2024 22:00:00) $
        openldap
668e39cd.0ce683c2 0x7fc2f4226740 ch_calloc of 1 elems of 60129541696 bytes failed
slapd: ch_malloc.c:107: ch_calloc: Assertion `0' failed.

(same with Bullseye)
@guimard guimard changed the title Neeed rebuild Debian package needs to be rebuilt on Debian update Jul 10, 2024
@coudot
Copy link
Member

coudot commented Jul 10, 2024

Can't reproduce on my side:

# cat /etc/debian_version 
11.10

# slapd-cli debug
slapd-cli: [INFO] Using /usr/local/openldap/etc/openldap/slapd-cli.conf for configuration
slapd-cli: [INFO] Halting OpenLDAP...
slapd-cli: [OK] OpenLDAP stopped
slapd-cli: [INFO] No data backup done
slapd-cli: [INFO] Launching OpenLDAP...
slapd-cli: [OK] File descriptor limit set to 1024
668e422f.0a79b774 0x7f12f977d740 @(#) $OpenLDAP: slapd 2.5.18 (May 20 2024 22:00:00) $
        openldap

Do you see what could be different on my installation?

@guimard
Copy link
Author

guimard commented Jul 10, 2024

My startup script is /usr/local/openldap/libexec/slapd -h ldap://* -u ldap -g ldap -d 256 and give the error (it's a docker)

@davidcoutadeur
Copy link
Contributor

My OpenLDAP 2.5.18 instance on debian 12.6 is also working perfectly.
Maybe is it a problem linked to docker. A memory limit or a mdb database limit reached?

Could you give more details for reproducing the bug?

@davidcoutadeur
Copy link
Contributor

Also no problem with debian:stable docker image:

/usr/local/openldap/libexec/slapd -h ldap://* -u ldap -g ldap -d 256
668e4f4d.0697615c 0x7f2f785b2740 @(#) $OpenLDAP: slapd 2.5.18 (May 20 2024 22:00:00) $
        openldap
668e4f4d.106e7311 0x7f2f785b2740 slapd starting

@guimard
Copy link
Author

guimard commented Jul 10, 2024

My OpenLDAP 2.5.18 instance on debian 12.6 is also working perfectly. Maybe is it a problem linked to docker. A memory limit or a mdb database limit reached?

Could you give more details for reproducing the bug?

Here is my Dockerfile (users are Lemonldap Demo users):

FROM debian:bookworm-slim
ENV DEBIAN_FRONTEND=noninteractive

RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        apt-transport-https \
        ca-certificates \
        curl \
        gpg \
        wget && \
    curl https://ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project | gpg --dearmor > /usr/share/keyrings/ltb-project-openldap-archive-keyring.gpg && \
    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/ltb-project-openldap-archive-keyring.gpg] https://ltb-project.org/debian/openldap25/bookworm bookworm main" > /etc/apt/sources.list.d/ltb-project.list && \
    apt-get update && \
    apt-get install -y openldap-ltb openldap-ltb-contrib-overlays openldap-ltb-mdb-utils ldap-utils && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*
COPY ./ldif/config-20230322180123.ldif /var/backups/openldap/
COPY ./ldif/base_ldap_users.ldif /tmp
RUN rm -rf /usr/local/openldap/var/lib/ldap /usr/local/openldap/etc/openldap/slapd.d && \
    mkdir -p /usr/local/openldap/var/lib/ldap && \
    chown -R ldap:ldap /usr/local/openldap/var/lib/ldap && \
    mkdir -p /usr/local/openldap/etc/openldap/slapd.d && \
    chown -R ldap:ldap /usr/local/openldap/etc/openldap/slapd.d && \
    usr/local/openldap/sbin/slapd-cli restoreconfig -b /var/backups/openldap/config-20230322180123.ldif && \
    mkdir -p /usr/local/openldap/var/lib/ldap/data && \
    chown -R ldap:ldap /usr/local/openldap/var/lib/ldap/data && \
    /usr/local/openldap/sbin/slapadd -F /usr/local/openldap/etc/openldap/slapd.d/ -b "dc=example,dc=com" -l /tmp/base_ldap_users.ldif
EXPOSE 389
VOLUME /usr/local/openldap/var/openldap-data
CMD ["/usr/local/openldap/libexec/slapd", "-h", "ldap://*", "-u", "ldap", "-g", "ldap", "-d", "256"]

Worked fine until this month

@davidcoutadeur
Copy link
Contributor

@guimard I have rebuilt and run your image just fine. No problem at all.

I suspect a problem with:

  • your data
  • your configuration
  • as a last resort: maybe a bug upstream, but for now, it's much too early to consider it.

Especially, take care about the permissions: are the permissions correct on the data? If you have mounted a volume, you must ensure that your data belongs to ldap:ldap.

Anyway, there does not seem to be any problem with openldap-ltb packaging by themselves.

@flesueur
Copy link

Hi,

May be related to rroemhild/docker-test-openldap#51 ?

Could you try to add --ulimit nofile=1024 to your docker commandline ?

François

@guimard
Copy link
Author

guimard commented Jul 11, 2024

Hi,

May be related to rroemhild/docker-test-openldap#51 ?

Could you try to add --ulimit nofile=1024 to your docker commandline ?

François

Thanks a lot, this fixes my issue!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@guimard @coudot @davidcoutadeur @flesueur