Problem
slapd fails to start with replication enabled from a fresh build.
Errors
Relevant parts from my docker log output:
openldap-0_1 | *** DEBUG | 2021-12-08 13:08:08 | ldap_modify: No such attribute (16)
openldap-0_1 | additional info: modify/delete: olcSyncrepl: no such attribute
openldap-0_1 | ldap_delete: Server is unwilling to perform (53)
openldap-0_1 | ldap_modify: No such attribute (16)
openldap-0_1 | additional info: modify/delete: olcSyncrepl: no such attribute
openldap-0_1 | ldap_delete: Server is unwilling to perform (53)
openldap-0_1 | ldap_modify: No such attribute (16)
openldap-0_1 | additional info: modify/delete: olcServerID: no such attribute
openldap-0_1 | 61b0ae38 conn=1018 fd=12 ACCEPT from PATH=/var/run/slapd/ldapi (PATH=/var/run/slapd/ldapi)
openldap-0_1 | 61b0ae38 conn=1018 op=0 BIND dn="" method=163
openldap-0_1 | 61b0ae38 conn=1018 op=0 BIND authcid="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" authzid="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
openldap-0_1 | 61b0ae38 conn=1018 op=0 BIND dn="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" mech=EXTERNAL sasl_ssf=0 ssf=71
openldap-0_1 | 61b0ae38 conn=1018 op=0 RESULT tag=97 err=0 text=
openldap-0_1 | 61b0ae38 connection_input: conn=1018 deferring operation: binding
openldap-0_1 | 61b0ae38 conn=1018 op=1 MOD dn="cn=module{0},cn=config"
openldap-0_1 | 61b0ae38 conn=1018 op=1 MOD attr=olcModuleLoad
openldap-0_1 | 61b0ae38 conn=1018 op=1 RESULT tag=103 err=0 text=
openldap-0_1 | 61b0ae38 conn=1018 op=2 MOD dn="cn=config"
openldap-0_1 | 61b0ae38 conn=1018 op=2 MOD attr=olcServerID
openldap-0_1 | 61b0ae38 conn=1018 op=2 RESULT tag=103 err=0 text=
openldap-0_1 | 61b0ae38 conn=1018 op=3 ADD dn="olcOverlay=syncprov,olcDatabase={0}config,cn=config"
openldap-0_1 | 61b0ae38 conn=1018 op=3 RESULT tag=105 err=0 text=
openldap-0_1 | 61b0ae38 conn=1018 op=4 MOD dn="olcDatabase={0}config,cn=config"
openldap-0_1 | 61b0ae38 conn=1018 op=4 MOD attr=olcSyncRepl olcMirrorMode
openldap-0_1 | 61b0ae38 conn=1018 op=4 RESULT tag=103 err=0 text=
openldap-0_1 | 61b0ae38 conn=1018 op=5 ADD dn="olcOverlay=syncprov,olcDatabase={1}mdb,cn=config"
openldap-0_1 | 61b0ae38 slap_client_connect: URI=ldap://openldap-1 Error, ldap_start_tls failed (-1)
openldap-0_1 | 61b0ae38 do_syncrepl: rid=002 rc -1 retrying
openldap-0_1 | 61b0ae38 conn=1018 op=5 RESULT tag=105 err=0 text=
openldap-0_1 | 61b0ae38 conn=1018 op=6 MOD dn="olcDatabase={1}mdb,cn=config"
openldap-0_1 | 61b0ae38 conn=1018 op=6 MOD attr=olcSyncRepl olcMirrorMode olcLimits
openldap-0_1 | *** DEBUG | 2021-12-08 13:08:10 | LDAP_REPLICATION = true
openldap-0_1 | *** DEBUG | 2021-12-08 13:08:10 | LDAP_REPLICATION_CONFIG_SYNCPROV = binddn="cn=admin,cn=config" bindmethod=simple credentials="$LDAP_CONFIG_PASSWORD" searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical
openldap-0_1 | *** DEBUG | 2021-12-08 13:08:10 | LDAP_REPLICATION_DB_SYNCPROV = binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials="$LDAP_ADMIN_PASSWORD" searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical
openldap-0_1 | *** DEBUG | 2021-12-08 13:08:10 | LDAP_REPLICATION_HOSTS = #COMPLEX_BASH_ENV:TABLE: LDAP_REPLICATION_HOSTS_ROW_1 LDAP_REPLICATION_HOSTS_ROW_2
openldap-0_1 | *** DEBUG | 2021-12-08 13:08:10 | LDAP_REPLICATION_HOSTS_ROW_1 = ldap://openldap-0
openldap-0_1 | *** DEBUG | 2021-12-08 13:08:10 | LDAP_REPLICATION_HOSTS_ROW_2 = ldap://openldap-1
openldap-0_1 | 61b0ae4b @(#) $OpenLDAP: slapd 2.4.57+dfsg-1~bpo10+1 (Jan 30 2021 06:59:51) $
openldap-0_1 | Debian OpenLDAP Maintainers <[email protected]>
openldap-0_1 | 61b0ae4b read_config: no serverID / URL match found. Check slapd -h arguments.
openldap-0_1 | 61b0ae4b slapd stopped.
openldap-0_1 | 61b0ae4b connections_destroy: nothing to destroy.
docker-compose.yml
openldap-0:
  command: --loglevel debug
  environment:
    FQDN: openldap-0
    LDAP_ADMIN_PASSWORD: xxx
    LDAP_BASE_DN: dc=xxx,dc=org
    LDAP_CONFIG_PASSWORD: xxx
    LDAP_DOMAIN: xxx.org
    LDAP_LOG_LEVEL: '256'
    LDAP_ORGANISATION: Xxx
    LDAP_READONLY_USER: "true"
    LDAP_READONLY_USER_PASSWORD: xxx
    LDAP_REPLICATION: "true"
    LDAP_REPLICATION_HOSTS: '#PYTHON2BASH:[''ldap://openldap-0'',''ldap://openldap-1'']'
    LDAP_RFC2307BIS_SCHEMA: "true"
    LDAP_TLS: "true"
    LDAP_TLS_VERIFY_CLIENT: never
  extra_hosts:
    openldap-1: 192.168.13.128
  image: osixia/openldap-backup:latest
  ports:
  - protocol: tcp
    published: 389
    target: 389
  restart: on-failure
  volumes:
  - /srv/container-volumes/S00432/openldap-0/backup:/data/backup:rw
  - /srv/container-volumes/S00432/openldap-0/config:/etc/ldap/slapd.d:rw
  - /srv/container-volumes/S00432/openldap-0/data:/var/lib/ldap:rw
Seems related to #558, but I can't figure out if that was from a fresh build or an existing site that was upgraded.