Bug #5575
closedUpgrading rudder-inventory-ldap between two major OS versions makes slapd unable to operate because of BerkeleyDB
Description
When an upgrade of Rudder is done after a major OS upgrade (that changes BerkeleyDB to a superior version), slapd refuses to do anything and breaks the update as the database is made for a previous version.
It especially happens during an upgrade from Ubuntu 12.04 to 14.04, like this:- Immediately after the upgrade, BDB switches from 5.1.25 to 5.1.29, making the old slapd from 12.04 unable to do anything
- It makes rudder-inventory-ldap unable to upgrade properly (can't run post/pre in/uninstall scripts) => dead end
- When forced to upgrade anyway, the expected BDB version bumps to 5.1 to 5.3, making a database export/reimport mandatory
- Upgrade to the latest Rudder version
- Before doing anything, export your current LDAP content:
/opt/rudder/sbin/slapcat -f /opt/rudder/etc/openldap/slapd.conf | gzip > /tmp/database-export.ldif.gz
- kill slapd:
killall -9 slapd
- Replace key elements (called by postinst/preinst scripts) by dummies to make the upgrade OK
- Create dummy.sh
#!/bin/sh exit 0
- Install it to the right places
cp /etc/init.d/rudder-slapd /etc/init.d/rudder-slapd.orig chmod +x dummy.sh cp dummy.sh /etc/init.d/rudder-slapd cp dummy.sh /opt/rudder/sbin/slapcat cp dummy.sh /opt/rudder/sbin/slapindex
- Create dummy.sh
- Upgrade Rudder to your target OS version (in this example, from Ubuntu precise to trusty)
- Restore the original init script:
cp /etc/init.d/rudder-slapd.orig /etc/init.d/rudder-slapd
- Import your LDAP backup
cd /var/rudder/ldap/openldap-data/ mv DB_CONFIG ~ rm -rf * cp ~/DB_CONFIG . zcat /tmp/database-export.ldif.gz | /opt/rudder/sbin/slapadd -q
- Restart slapd
service rudder-slapd restart
You should be OK now :)
Updated by Dennis Cabooter about 10 years ago
This:
cd /opt/rudder/ldap/openldap-data/
Should be this:
cd /var/rudder/ldap/openldap-data
Updated by Dennis Cabooter about 10 years ago
Besides /opt/rudder should be /var/rudder, the above workaround works fine and easy. Thank you. :)
Updated by Jonathan CLARKE about 10 years ago
- Description updated (diff)
- Status changed from New to 8
- Assignee set to Matthieu CERDA
- Target version set to 2.6.19
Thanks for noting the typo Dennis. I've updated the description.
The root cause for this is that we package our own OpenLDAP server, but not the underlying database libraries (BerkeleyDB). So, we're going to fix this by bundling a version of BerkeleyDB in our OpenLDAP package (rudder-inventory-ldap). Matthieu will be working on this this week.
Updated by Matthieu CERDA about 10 years ago
- Status changed from 8 to Pending technical review
- Assignee changed from Matthieu CERDA to Jonathan CLARKE
- % Done changed from 0 to 100
- Pull Request set to https://github.com/Normation/rudder-packages/pull/500
Updated by Matthieu CERDA about 10 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset packages:commit:9b7ff7608f3f20596845b493c1038ab9c2ed332a.
Updated by Matthieu CERDA about 10 years ago
Applied in changeset packages:commit:ed13ef58c49e20a1747e0d0991280d3c7e4090d1.
Updated by Matthieu CERDA about 10 years ago
- Target version changed from 2.6.19 to 140
Updated by Matthieu CERDA about 10 years ago
- Target version changed from 140 to 3.0.0~beta1
Updated by Vincent MEMBRÉ about 10 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 3.0.0~beta1 which was release on 01/12/2014.
- Announcement
- Changelog
- Download information: https://www.rudder-project.org/site/get-rudder/downloads/