Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Linux-HA: Pacemaker

slapd wrong dn quoting (was: how to enable verbose logging for failed)

  

 
Linux-HA pacemaker RSS feed   Index | Next | Previous | View Threaded


dejanmm at fastmail

May 18, 2012, 8:37 AM

Post #1 of 3 (225 views)
Permalink
slapd wrong dn quoting (was: how to enable verbose logging for failed)
Hi,

On Thu, May 17, 2012 at 01:05:30PM +0400, Igor Zinovik wrote:
> 2012/5/17 Jake Smith <jsmith [at] argotec>:
> >
> > ----- Original Message -----
> >> From: "Andrew Beekhof" <andrew [at] beekhof>
> >> To: "The Pacemaker cluster resource manager" <pacemaker [at] oss>
> >> Sent: Tuesday, May 15, 2012 7:59:47 PM
> >> Subject: Re: [Pacemaker] how to enable verbose logging for failed
> >>
> >> On Tue, May 15, 2012 at 9:27 PM, Igor Zinovik
> >> <zinovik.igor [at] gmail> wrote:
> >> > 2012/5/14 Andrew Beekhof <andrew [at] beekhof>:
> >> >> On Sat, May 12, 2012 at 11:41 PM, Igor Zinovik
> >> >> <zinovik.igor [at] gmail> wrote:
> >> >>>  Hello.
> >> >>>
> >
> > A little late to the party but...
> >
> > Where are you getting the slapd RA from? And/or what version of it?
>
> I first tried this one:
> https://raw.github.com/jhohm/resource-agents/master/heartbeat/slapd
> then i tried another one:
> https://raw.github.com/ClusterLabs/resource-agents/master/heartbeat/slapd
>
> But both of them does not work.
>
> Why? Here is the answer:
> lets look at line 434
> ...
> options="$options -D '$bind_dn' -w '$password'"
>
> Quotes are the problem. ldapsearch does not strip them and it uses as bind_dn
> string with quotes chars, that is why my slapd is not starting. It
> does not accept
> wrong dn.

That seems to pass an invalid dn.

> I applied following patch and thing start working:
> --- slapd.orig 2012-05-17 12:53:33.000000000 +0400
> +++ slapd 2012-05-17 12:51:27.424645326 +0400
> @@ -431,7 +431,7 @@ slapd_monitor()
> options="-LLL -s base -x"
>
> if [ -n "$bind_dn" ]; then
> - options="$options -D '$bind_dn' -w '$password'"
> + options="$options -D $bind_dn -w $password"
> fi
>
> [ -z "$1" ] && err_option=""
>
>
> I did not came to this solution by myself, guys from
> openldap-techinal@ helped me:
> http://www.openldap.org/lists/openldap-technical/201205/msg00118.html

Tomo-san, how did this work before? I suppose that it did :)

Thanks,

Dejan

P.S. Moving the discussion to linux-ha-dev.

> Kudos to Buchan Milne for solution.
>
> So... can devs put proposed change to the master branch?
>
> > What OS?
>
> Read first message, please. I use OpenSUSE 12.1 on both nodes.
>
> > I had a small bit of trouble when I first tried it - I since got a small
> > patch applied to the RA and it runs nicely in my cluster.
>
> _______________________________________________
> Pacemaker mailing list: Pacemaker [at] oss
> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
>
> Project Home: http://www.clusterlabs.org
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> Bugs: http://bugs.clusterlabs.org

_______________________________________________
Pacemaker mailing list: Pacemaker [at] oss
http://oss.clusterlabs.org/mailman/listinfo/pacemaker

Project Home: http://www.clusterlabs.org
Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
Bugs: http://bugs.clusterlabs.org


nozawat at gmail

May 21, 2012, 1:36 AM

Post #2 of 3 (206 views)
Permalink
Re: [Linux-ha-dev] slapd wrong dn quoting (was: how to enable verbose logging for failed) [In reply to]
Hi

> > - options="$options -D '$bind_dn' -w '$password'"
> > + options="$options -D $bind_dn -w $password"
> > fi
> >
> > [ -z "$1" ] && err_option=""
> >
> >
> > I did not came to this solution by myself, guys from
> > openldap-techinal@ helped me:
> > http://www.openldap.org/lists/openldap-technical/201205/msg00118.html
>
> Tomo-san, how did this work before? I suppose that it did :)
>
My environment uses slapd2.3.43 on RHEL5.6.
However, I was able to confirm the same phenomenon in my environment.

I think that I should confirm it in Jeroen.
Probably I think Jeroen to have used Debian.

Regards,
Tomo

On Fri, 18 May 2012 17:37:59 +0200
Dejan Muhamedagic <dejanmm [at] fastmail> wrote:

> Hi,
>
> On Thu, May 17, 2012 at 01:05:30PM +0400, Igor Zinovik wrote:
> > 2012/5/17 Jake Smith <jsmith [at] argotec>:
> > >
> > > ----- Original Message -----
> > >> From: "Andrew Beekhof" <andrew [at] beekhof>
> > >> To: "The Pacemaker cluster resource manager" <pacemaker [at] oss>
> > >> Sent: Tuesday, May 15, 2012 7:59:47 PM
> > >> Subject: Re: [Pacemaker] how to enable verbose logging for failed
> > >>
> > >> On Tue, May 15, 2012 at 9:27 PM, Igor Zinovik
> > >> <zinovik.igor [at] gmail> wrote:
> > >> > 2012/5/14 Andrew Beekhof <andrew [at] beekhof>:
> > >> >> On Sat, May 12, 2012 at 11:41 PM, Igor Zinovik
> > >> >> <zinovik.igor [at] gmail> wrote:
> > >> >>> ?Hello.
> > >> >>>
> > >
> > > A little late to the party but...
> > >
> > > Where are you getting the slapd RA from? And/or what version of it?
> >
> > I first tried this one:
> > https://raw.github.com/jhohm/resource-agents/master/heartbeat/slapd
> > then i tried another one:
> > https://raw.github.com/ClusterLabs/resource-agents/master/heartbeat/slapd
> >
> > But both of them does not work.
> >
> > Why? Here is the answer:
> > lets look at line 434
> > ...
> > options="$options -D '$bind_dn' -w '$password'"
> >
> > Quotes are the problem. ldapsearch does not strip them and it uses as bind_dn
> > string with quotes chars, that is why my slapd is not starting. It
> > does not accept
> > wrong dn.
>
> That seems to pass an invalid dn.
>
> > I applied following patch and thing start working:
> > --- slapd.orig 2012-05-17 12:53:33.000000000 +0400
> > +++ slapd 2012-05-17 12:51:27.424645326 +0400
> > @@ -431,7 +431,7 @@ slapd_monitor()
> > options="-LLL -s base -x"
> >
> > if [ -n "$bind_dn" ]; then
> > - options="$options -D '$bind_dn' -w '$password'"
> > + options="$options -D $bind_dn -w $password"
> > fi
> >
> > [ -z "$1" ] && err_option=""
> >
> >
> > I did not came to this solution by myself, guys from
> > openldap-techinal@ helped me:
> > http://www.openldap.org/lists/openldap-technical/201205/msg00118.html
>
> Tomo-san, how did this work before? I suppose that it did :)
>
> Thanks,
>
> Dejan
>
> P.S. Moving the discussion to linux-ha-dev.
>
> > Kudos to Buchan Milne for solution.
> >
> > So... can devs put proposed change to the master branch?
> >
> > > What OS?
> >
> > Read first message, please. I use OpenSUSE 12.1 on both nodes.
> >
> > > I had a small bit of trouble when I first tried it - I since got a small
> > > patch applied to the RA and it runs nicely in my cluster.
> >
> > _______________________________________________
> > Pacemaker mailing list: Pacemaker [at] oss
> > http://oss.clusterlabs.org/mailman/listinfo/pacemaker
> >
> > Project Home: http://www.clusterlabs.org
> > Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> > Bugs: http://bugs.clusterlabs.org
> _______________________________________________________
> Linux-HA-Dev: Linux-HA-Dev [at] lists
> http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
> Home Page: http://linux-ha.org/

--
Tomoya Nozawa


_______________________________________________
Pacemaker mailing list: Pacemaker [at] oss
http://oss.clusterlabs.org/mailman/listinfo/pacemaker

Project Home: http://www.clusterlabs.org
Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
Bugs: http://bugs.clusterlabs.org


nozawatm at intellilink

May 22, 2012, 2:43 AM

Post #3 of 3 (198 views)
Permalink
Re: [Linux-ha-dev] slapd wrong dn quoting (was: how to enable verbose logging for failed) [In reply to]
Hi

I received this indication and made below pull request.
<https://github.com/ClusterLabs/resource-agents/pull/95>

Oneself and jeroen did not use this parameter.
I confirmed that the space carried without a problem by this correction.

Many Thanks!!
Tomo.

On Fri, 18 May 2012 17:37:59 +0200
Dejan Muhamedagic <dejanmm [at] fastmail> wrote:

> Hi,
>
> On Thu, May 17, 2012 at 01:05:30PM +0400, Igor Zinovik wrote:
> > 2012/5/17 Jake Smith <jsmith [at] argotec>:
> > >
> > > ----- Original Message -----
> > >> From: "Andrew Beekhof" <andrew [at] beekhof>
> > >> To: "The Pacemaker cluster resource manager" <pacemaker [at] oss>
> > >> Sent: Tuesday, May 15, 2012 7:59:47 PM
> > >> Subject: Re: [Pacemaker] how to enable verbose logging for failed
> > >>
> > >> On Tue, May 15, 2012 at 9:27 PM, Igor Zinovik
> > >> <zinovik.igor [at] gmail> wrote:
> > >> > 2012/5/14 Andrew Beekhof <andrew [at] beekhof>:
> > >> >> On Sat, May 12, 2012 at 11:41 PM, Igor Zinovik
> > >> >> <zinovik.igor [at] gmail> wrote:
> > >> >>> ?Hello.
> > >> >>>
> > >
> > > A little late to the party but...
> > >
> > > Where are you getting the slapd RA from? And/or what version of it?
> >
> > I first tried this one:
> > https://raw.github.com/jhohm/resource-agents/master/heartbeat/slapd
> > then i tried another one:
> > https://raw.github.com/ClusterLabs/resource-agents/master/heartbeat/slapd
> >
> > But both of them does not work.
> >
> > Why? Here is the answer:
> > lets look at line 434
> > ...
> > options="$options -D '$bind_dn' -w '$password'"
> >
> > Quotes are the problem. ldapsearch does not strip them and it uses as bind_dn
> > string with quotes chars, that is why my slapd is not starting. It
> > does not accept
> > wrong dn.
>
> That seems to pass an invalid dn.
>
> > I applied following patch and thing start working:
> > --- slapd.orig 2012-05-17 12:53:33.000000000 +0400
> > +++ slapd 2012-05-17 12:51:27.424645326 +0400
> > @@ -431,7 +431,7 @@ slapd_monitor()
> > options="-LLL -s base -x"
> >
> > if [ -n "$bind_dn" ]; then
> > - options="$options -D '$bind_dn' -w '$password'"
> > + options="$options -D $bind_dn -w $password"
> > fi
> >
> > [ -z "$1" ] && err_option=""
> >
> >
> > I did not came to this solution by myself, guys from
> > openldap-techinal@ helped me:
> > http://www.openldap.org/lists/openldap-technical/201205/msg00118.html
>
> Tomo-san, how did this work before? I suppose that it did :)
>
> Thanks,
>
> Dejan
>
> P.S. Moving the discussion to linux-ha-dev.
>
> > Kudos to Buchan Milne for solution.
> >
> > So... can devs put proposed change to the master branch?
> >
> > > What OS?
> >
> > Read first message, please. I use OpenSUSE 12.1 on both nodes.
> >
> > > I had a small bit of trouble when I first tried it - I since got a small
> > > patch applied to the RA and it runs nicely in my cluster.
> >
> > _______________________________________________
> > Pacemaker mailing list: Pacemaker [at] oss
> > http://oss.clusterlabs.org/mailman/listinfo/pacemaker
> >
> > Project Home: http://www.clusterlabs.org
> > Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> > Bugs: http://bugs.clusterlabs.org
> _______________________________________________________
> Linux-HA-Dev: Linux-HA-Dev [at] lists
> http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
> Home Page: http://linux-ha.org/

--
Tomoya Nozawa


_______________________________________________
Pacemaker mailing list: Pacemaker [at] oss
http://oss.clusterlabs.org/mailman/listinfo/pacemaker

Project Home: http://www.clusterlabs.org
Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
Bugs: http://bugs.clusterlabs.org

Linux-HA pacemaker RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.