【Question title】: Failed to start OpenLDAP Server Daemon
【Posted】: 2019-06-01 06:48:49
【Question description】:

I am trying to start the slapd service, but I get the following error after running the journalctl -xe command.

Failed to start OpenLDAP Server Daemon.
-- Subject: Unit slapd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit slapd.service has failed.
-- 
-- The result is failed.
Jan 06 11:22:43 scv-ldap01.sesame.local systemd[1]: Unit slapd.service entered failed state.
Jan 06 11:22:43 scv-ldap01.sesame.local systemd[1]: slapd.service failed.
Jan 06 11:22:43 scv-ldap01.sesame.local polkitd[4630]: Unregistered Authentication Agent for unix-process:31319:24705667 (system bus name :1.1226, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, loc
Jan 06 11:23:35 scv-ldap01.sesame.local su[31373]: (to root) sesame on pts/0
Jan 06 11:23:35 scv-ldap01.sesame.local su[31373]: pam_unix(su:session): session opened for user root by sesame(uid=1000)
Jan 06 11:23:35 scv-ldap01.sesame.local dbus[4639]: [system] Activating service name='org.freedesktop.problems' (using servicehelper)
Jan 06 11:23:35 scv-ldap01.sesame.local dbus[4639]: [system] Successfully activated service 'org.freedesktop.problems'
Jan 06 11:23:46 scv-ldap01.sesame.local polkitd[4630]: Registered Authentication Agent for unix-process:31416:24712191 (system bus name :1.1232 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/fr
Jan 06 11:23:46 scv-ldap01.sesame.local systemd[1]: Starting OpenLDAP Server Daemon...
-- Subject: Unit slapd.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit slapd.service has begun starting up.
Jan 06 11:23:47 scv-ldap01.sesame.local runuser[31427]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jan 06 11:23:47 scv-ldap01.sesame.local runuser[31427]: pam_unix(runuser:session): session closed for user ldap
Jan 06 11:23:47 scv-ldap01.sesame.local slapcat[31431]: DIGEST-MD5 common mech free
Jan 06 11:23:47 scv-ldap01.sesame.local runuser[31438]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jan 06 11:23:47 scv-ldap01.sesame.local runuser[31438]: pam_unix(runuser:session): session closed for user ldap
Jan 06 11:23:47 scv-ldap01.sesame.local runuser[31440]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jan 06 11:23:47 scv-ldap01.sesame.local runuser[31440]: pam_unix(runuser:session): session closed for user ldap
Jan 06 11:23:47 scv-ldap01.sesame.local runuser[31442]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jan 06 11:23:47 scv-ldap01.sesame.local runuser[31442]: pam_unix(runuser:session): session closed for user ldap
Jan 06 11:23:47 scv-ldap01.sesame.local slapd[31445]: @(#) $OpenLDAP: slapd 2.4.44 (Oct 30 2018 23:14:27) $
                                                              mockbuild@x86-01.bsys.centos.org:/builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd
Jan 06 11:23:47 scv-ldap01.sesame.local slapd[31445]: ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif"
Jan 06 11:23:47 scv-ldap01.sesame.local slapd[31445]: ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif"
Jan 06 11:23:47 scv-ldap01.sesame.local slapd[31445]: main: TLS init def ctx failed: -1
Jan 06 11:23:47 scv-ldap01.sesame.local slapd[31445]: DIGEST-MD5 common mech free
Jan 06 11:23:47 scv-ldap01.sesame.local slapd[31445]: slapd stopped.
Jan 06 11:23:47 scv-ldap01.sesame.local slapd[31445]: connections_destroy: nothing to destroy.
Jan 06 11:23:47 scv-ldap01.sesame.local systemd[1]: slapd.service: control process exited, code=exited status=1
Jan 06 11:23:47 scv-ldap01.sesame.local systemd[1]: Failed to start OpenLDAP Server Daemon.
-- Subject: Unit slapd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit slapd.service has failed.
-- 
-- The result is failed.
Jan 06 11:23:47 scv-ldap01.sesame.local systemd[1]: Unit slapd.service entered failed state.
Jan 06 11:23:47 scv-ldap01.sesame.local systemd[1]: slapd.service failed.
Jan 06 11:23:47 scv-ldap01.sesame.local polkitd[4630]: Unregistered Authentication Agent for unix-process:31416:24712191 (system bus name :1.1232, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, loc
lines 3143-3193/3193 (END)

【Discussion】:

    Tags: centos7 openldap


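    【Solution 1】:

    The following line shows the error ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif"

    You need to make a backup and reconfigure the server with the following line

    sudo dpkg-reconfigure slapd

    Be careful, because this deletes all the configuration; enter the correct parameters again here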

    steps how to

    【Discussion】:

      【Solution 2】:

      After many attempts

      Reference: https://bugs.centos.org/view.php?id=6945

      Thanks to @toracat

      Reinstalling the openldap-related packages did solve it

      yum reinstall openldap openldap-servers openldap-clients
      

      【Discussion】:

        【Solution 3】:
        Jan 06 11:23:47 scv-ldap01.sesame.local slapd[31445]: main: TLS init def ctx failed: -1
        

        There seems to be some problem parsing the certificate/key; grep for TLS (grep tls -ir /etc/openldap/slapd.d/*) and make sure the slapd user can access the certificate/key.

        【Discussion】:
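
The check described in Solution 3, as an added example that is not part of the original answers: it collects the `olcTLSCertificateFile`, `olcTLSCertificateKeyFile` and `olcTLSCACertificateFile` values from a cn=config tree and reports whether each referenced file exists and is readable. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original answers.
# check_slapd_tls CONFIG_DIR [USER]: report each olcTLS*File value found under
# CONFIG_DIR as OK / MISSING / UNREADABLE / NOTPATH; returns 1 on any problem.
check_slapd_tls() {
    conf_dir=$1 run_as=${2:-} status=0
    hits=$(grep -rhiE '^olcTLS(CACertificate|Certificate|CertificateKey)File:' \
        "$conf_dir" 2>/dev/null) || true
    [ -n "$hits" ] || { echo "NONE $conf_dir"; return 0; }
    while IFS= read -r line; do
        attr=${line%%:*}
        val=${line#*:}; val=${val# }
        case $val in
            /*) ;;
            *)  # base64 value (attr::) or a certificate nickname, not a file path
                echo "NOTPATH $attr $val"; continue ;;
        esac
        if [ ! -e "$val" ]; then
            echo "MISSING $attr $val"; status=1
        elif ! can_read "$val"; then
            echo "UNREADABLE $attr $val"; status=1
        else
            echo "OK $attr $val"
        fi
    done <<EOF
$hits
EOF
    return "$status"
}

# Test readability as USER when one is given and we are root; else as ourselves.
can_read() {
    if [ -n "$run_as" ] && [ "$(id -u)" -eq 0 ]; then
        runuser -u "$run_as" -- test -r "$1" </dev/null
    else
        test -r "$1"
    fi
}

# Constructed sample tree: one existing cert, one missing key, one nickname.
make_sample_tree() {
    d=$(mktemp -d) && mkdir "$d/slapd.d" "$d/certs" && : > "$d/certs/server.crt"
    printf '%s\n' 'dn: cn=config' \
        "olcTLSCertificateFile: $d/certs/server.crt" \
        "olcTLSCertificateKeyFile: $d/certs/server.key" \
        'olcTLSCACertificateFile: Example CA' > "$d/slapd.d/cn=config.ldif"
    echo "$d"
}

if [ "$#" -gt 0 ]; then check_slapd_tls "$@"; fi
```

Run it as root with the config directory and the service account as arguments, for example `/etc/openldap/slapd.d` and `ldap` (the account shown in the runuser lines of the question's log).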