Problem: Troubleshooting slapd during an failed.ldif import

listener
failed-ldif
ldap
slapd
ucs-4-4

#1

Problem:

A failed.ldif is found on your server. You may know this article from the past.

Since the introduction of systemd, there might be complications following the article from above.
So try the following steps to reread the failed.ldif

Step 1

Check the slapd status
systemctl status slapd.service
If this looks like this: Active: active (running)

root@master:~# systemctl status slapd.service 
● slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)
   Loaded: loaded (/etc/init.d/slapd; generated; vendor preset: enabled)
   Active: active (running) since Wed 2019-05-08 11:25:08 CEST; 1h 4min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 752 ExecStart=/etc/init.d/slapd start (code=exited, status=0/SUCCESS)
 Main PID: 1379 (slapd)
    Tasks: 7 (limit: 4915)
   Memory: 16.0M
      CPU: 5.837s
   CGroup: /system.slice/slapd.service
           └─1379 /usr/sbin/slapd -h ldapi:/// ldap://:7389/ ldaps://:7636/

You an try the reread via systemctl restart slapd.service or /etc/init.d/slapd restart

Step 2

If the import/reread fails, then systemctl status from systemd may looks like this:

systemctl status slapd.service·
● slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)
   Loaded: loaded (/etc/init.d/slapd; generated; vendor preset: enabled)
   Active: failed (Result: timeout) since Mon 2019-04-15 15:26:58 CEST; 20min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 29566 ExecStop=/etc/init.d/slapd stop (code=exited, status=0/SUCCESS)
  Process: 3654 ExecStart=/etc/init.d/slapd start (code=exited, status=0/SUCCESS)
 Main PID: 15274 (code=exited, status=0/SUCCESS)
    Tasks: 4 (limit: 4915)
   Memory: 12.1M
      CPU: 2.966s
   CGroup: /system.slice/slapd.service
           └─3093 /usr/sbin/slapd -h ldapi:/// ldap://:7389/ ldaps://:7636/

Here you see Active: failed (Result: ) but there is a process3093 /usr/sbin/slapd -h ldapi:/// ldap://:7389/ ldaps://:7636/running.
So systemd does not show and therefor does not stop this process next time. Systemd does not feel responsible anymore.

Step 3

You can now kill this process via pkill slapd
If you want to retry the failed.ldif import you can start and stop slapd without systemd like this;
SYSTEMCTL_SKIP_REDIRECT=1 /etc/init.d/slapd start

Step 4

If the import of the failed.ldif went well, or you decided to remove the failed.ldif you have to check if the listener is still running.

ps aufx |grep listener 
root       516  0.0  0.0   4048     0 ?        Ss   11:24   0:00  \_ runsv univention-directory-listener
root     19574  0.0  0.0  14320   968 pts/1    S+   12:20   0:00                  |   \_ grep listener

The listener is not running!
It should look like this:

root       516  0.0  0.0   4048     0 ?        Ss   11:24   0:00  \_ runsv univention-directory-listener
listener  1740  0.0  0.0 2893420  960 ?        S    11:25   0:02  |   \_ /usr/sbin/univention-directory-listener -F -d 2 -b dc=schein,dc=me -m /usr/lib/univention-directory-listener/system -c /var/lib/univention-directory-listener -ZZ -x -D cn=admin,dc=schein,dc=me -y /etc/ldap.secret
root     19574  0.0  0.0  14320   968 pts/1    S+   12:20   0:00                  |   \_ grep listener

You can start the listener via
systemctl restart univention-directory-listener.service


closed #2