Problems with startup on OpenLDAP

Brian Topping topping at codehaus.org
Mon Apr 27 14:17:04 PDT 2009


Of course I figure this out as soon as I post... lol.  I need to get a  
dog so I can ask him technical problems first.

It appears that the 'ldap' account is not set up with adequate  
permissions to run.  There are a few issues:

1. /opt/local/var/run is set up with permissions as root:admin mode  
755.  slapd wants to write its pid in there, as I presume other  
daemons will also, so we can't just change the ownership of the  
directory.  In order to fix this, I used dscl to add ldap to the admin  
group:

> sudo dscl localhost append /Local/Default/Groups/admin GroupMembership ldap

2. Then make it group writable:

> sudo chmod g+w /opt/local/var/run/

3. slapd's directories need to be owned by 'ldap' as well:

> sudo chown -R ldap:ldap /opt/local/etc/openldap
> sudo chown -R ldap:ldap /opt/local/var/openldap-data/

There may have been one or two other tweaks I needed to make over the  
course of this, but can't remember them now.

Just curious, is this something that should be handled by the install  
script?  I uninstalled and reinstalled the port a few times and it  
never came up with this.

Thanks,  Brian


On Apr 27, 2009, at 2:56 PM, Brian Topping wrote:

> Hi all,
>
> I searched Trac for this and asked on IRC, hoping someone here has  
> some good info.  I've installed OpenLDAP and have it set up to run  
> from the command line properly, but over the course of a few months,  
> have found that my PostgreSQL starts properly via daemondo / launchd  
> and slapd does not.
>
> Daemondo is running for the slapd process, but slapd is nowhere to  
> be found.
>
> So I tried to hunt down the answer to this paradox over the last  
> several days with vigor and have come up empty.
>
> Does anyone have a clue what I should start looking for?  The only  
> difference I can smell in this is that OpenLDAP is starting from the  
> command line as root and not starting via daemondo because it's  
> trying to launch as user 'ldap'.    But I can't find any logs that  
> would confirm this and thought I would ask here first.
>
> Any thoughts appreciated.
>
> Brian
>
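A read-only check of the three conditions described in the message above (pid directory writable through a group, both slapd trees owned by the service account), as an added example that is not part of the original post or of MacPorts. The function names are hypothetical; the paths and the `ldap` account in the usage comment are the ones from the message.

```shell
#!/bin/sh
# Added example: audit the paths from the message for the account slapd runs as.
# Function names are hypothetical; nothing here changes ownership or modes.

# Succeeds if directory $2 is group-writable through a group that user $1 is in.
group_writable_by() {
    for g in $(id -Gn "$1" 2>/dev/null); do
        [ -n "$(find "$2" -prune -group "$g" -perm -020 2>/dev/null)" ] && return 0
    done
    return 1
}

# Prints entries under $1 that are not owned by user $2.
# Returns 0 if all are owned by $2, 1 if some are not, 2 if the check could not run.
check_tree_owner() {
    strays=$(find "$1" ! -user "$2" -print 2>/dev/null) || return 2
    [ -z "$strays" ] && return 0
    printf '%s\n' "$strays"
    return 1
}

# audit USER PIDDIR TREE...   Returns non-zero if any check fails.
audit() {
    user=$1 piddir=$2; shift 2
    rc=0
    if group_writable_by "$user" "$piddir"; then
        echo "ok:   $user can write $piddir via group membership"
    else
        echo "FAIL: $user cannot write $piddir via a group (pid file cannot be created)"
        rc=1
    fi
    for tree in "$@"; do
        if check_tree_owner "$tree" "$user" >/dev/null; then
            echo "ok:   $tree is owned by $user throughout"
        else
            echo "FAIL: $tree has entries not owned by $user (or could not be read)"
            rc=1
        fi
    done
    return $rc
}

# Run only when arguments are given, e.g. with the values from the message:
#   sh check.sh ldap /opt/local/var/run /opt/local/etc/openldap /opt/local/var/openldap-data
if [ "$#" -ge 2 ]; then audit "$@"; fi
```

The group check looks only at the directory's group and mode bits, so write access granted through ownership or an ACL is not reported.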
