[Pacemaker] slapd wrong dn quoting (was: how to enable verbose logging for failed)

Dejan Muhamedagic dejanmm at fastmail.fm
Fri May 18 11:37:59 EDT 2012 

Hi,

On Thu, May 17, 2012 at 01:05:30PM +0400, Igor Zinovik wrote:
> 2012/5/17 Jake Smith <jsmith at argotec.com>:
> >
> > ----- Original Message -----
> >> From: "Andrew Beekhof" <andrew at beekhof.net>
> >> To: "The Pacemaker cluster resource manager" <pacemaker at oss.clusterlabs.org>
> >> Sent: Tuesday, May 15, 2012 7:59:47 PM
> >> Subject: Re: [Pacemaker] how to enable verbose logging for failed
> >>
> >> On Tue, May 15, 2012 at 9:27 PM, Igor Zinovik
> >> <zinovik.igor at gmail.com> wrote:
> >> > 2012/5/14 Andrew Beekhof <andrew at beekhof.net>:
> >> >> On Sat, May 12, 2012 at 11:41 PM, Igor Zinovik
> >> >> <zinovik.igor at gmail.com> wrote:
> >> >>>  Hello.
> >> >>>
> >
> > A little late to the party but...
> >
> > Where are you getting the slapd RA from? And/or what version of it?
> 
> I first tried this one:
> https://raw.github.com/jhohm/resource-agents/master/heartbeat/slapd
> then i tried another one:
> https://raw.github.com/ClusterLabs/resource-agents/master/heartbeat/slapd
> 
> But both of them does not work.
> 
> Why?  Here is the answer:
> lets look at line 434
> ...
>     options="$options -D '$bind_dn' -w '$password'"
> 
> Quotes are the problem.  ldapsearch does not strip them and it uses as bind_dn
> string with quotes chars, that is why my slapd is not starting.  It
> does not accept
> wrong dn.

That seems to pass an invalid dn.

> I applied following patch and thing start working:
> --- slapd.orig  2012-05-17 12:53:33.000000000 +0400
> +++ slapd       2012-05-17 12:51:27.424645326 +0400
> @@ -431,7 +431,7 @@ slapd_monitor()
>    options="-LLL -s base -x"
> 
>    if [ -n "$bind_dn" ]; then
> -    options="$options -D '$bind_dn' -w '$password'"
> +    options="$options -D $bind_dn -w $password"
>    fi
> 
>    [ -z "$1" ] && err_option=""
> 
> 
> I did not came to this solution by myself, guys from
> openldap-techinal@ helped me:
> http://www.openldap.org/lists/openldap-technical/201205/msg00118.html

Tomo-san, how did this work before? I suppose that it did :)

Thanks,

Dejan

P.S. Moving the discussion to linux-ha-dev.

> Kudos to Buchan Milne for solution.
> 
> So... can devs put proposed change to the master branch?
> 
> > What OS?
> 
> Read first message, please.  I use OpenSUSE 12.1 on both nodes.
> 
> > I had a small bit of trouble when I first tried it - I since got a small
> > patch applied to the RA and it runs nicely in my cluster.
> 
> _______________________________________________
> Pacemaker mailing list: Pacemaker at oss.clusterlabs.org
> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
> 
> Project Home: http://www.clusterlabs.org
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> Bugs: http://bugs.clusterlabs.org

More information about the Pacemaker mailing list