[rudder-users] LDAP issue

Nicolas Charles nicolas.charles at normation.com
Thu Mar 6 15:35:03 CET 2014 

Hello,

this look a lot like what happened last time, where export didn't have 
all categories, and groups could not be restored...
Which version of Rudder are you doing you export from?

To circumvent the issue, you could:
1/ make your export as the gzip
2/ copy the gzip on the new server
3/ manually synchronise the groups folder from old server to new server
4/ commit the changes in the new server
5/ import from the web interface

Does it solve the issue ?

Regards,
Nicolas

On 06/03/2014 09:54, Prestasit01 wrote:
>
> Hello,
>
> So here are the informations on the servers :
>
> [root at SERVERPROD groups]# pwd
>
> /var/rudder/configuration-repository/groups
>
> [root at SERVERPROD groups]# ls -altr
>
> total 16
>
> drwxr-x--- 2 root root 4096  4 mars  16:59 
> 6c3843bb-92e6-4fd0-b50f-dcb26798b495
>
> drwxr-xr-x 8 root root 4096  4 mars  16:59 ..
>
> drwxr-x--- 3 root root 4096  4 mars  18:04 
> 163d6d00-7f6d-4511-aadf-440421cd8bf1
>
> drwxr-x--- 4 root root 4096  4 mars  18:04 .
>
> [root at SERVERPROD groups]# cd 6c3843bb-92e6-4fd0-b50f-dcb26798b495/
>
> [root at SERVERPROD 6c3843bb-92e6-4fd0-b50f-dcb26798b495]# ls -altr
>
> total 12
>
> drwxr-x--- 2 root root 4096  4 mars  16:59 .
>
> -rw-r----- 1 root root  598  4 mars  17:07 
> 9d01ebc1-f6f7-4c5b-9742-fd42bd89fc38.xml
>
> drwxr-x--- 4 root root 4096  4 mars  18:04 ..
>
> [root at SERVERPROD 6c3843bb-92e6-4fd0-b50f-dcb26798b495]# cd ..
>
> [root at SERVERPROD groups]# cd 163d6d00-7f6d-4511-aadf-440421cd8bf1/
>
> [root at SERVERPROD 163d6d00-7f6d-4511-aadf-440421cd8bf1]# ls -altr
>
> total 12
>
> drwxr-x--- 2 root root 4096  4 mars  18:04 
> a8d7eb7b-9e56-4ccf-9f45-67b75850dda6
>
> drwxr-x--- 4 root root 4096  4 mars  18:04 ..
>
> drwxr-x--- 3 root root 4096  4 mars  18:04 .
>
> [root at SERVERPROD 163d6d00-7f6d-4511-aadf-440421cd8bf1]# cd 
> a8d7eb7b-9e56-4ccf-9f45-67b75850dda6/
>
> [root at SERVERPROD a8d7eb7b-9e56-4ccf-9f45-67b75850dda6]# ls -altr
>
> total 12
>
> -rw-r----- 1 root root 1752  4 mars  18:04 
> bdcedc96-ff67-413b-ae1d-97d67a5312f0.xml
>
> drwxr-x--- 3 root root 4096  4 mars  18:04 ..
>
> drwxr-x--- 2 root root 4096  4 mars  18:04 .
>
> [root at SERVERPROD a8d7eb7b-9e56-4ccf-9f45-67b75850dda6]# locate 
> d41e37d2-5cb8-485a-9183-3388c4a7c009
>
> [root at SERVERPROD a8d7eb7b-9e56-4ccf-9f45-67b75850dda6]#
>
> VS
>
> [root at SERVERTEST groups]# pwd
>
> /var/rudder/configuration-repository/groups
>
> [root at SERVERTEST groups]# ls -altr
>
> total 20
>
> drwxr-x--- 2 root root 4096  4 mars  16:59 
> 6c3843bb-92e6-4fd0-b50f-dcb26798b495
>
> drwxr-xr-x 8 root root 4096  4 mars  16:59 ..
>
> drwxr-x--- 3 root root 4096  4 mars  18:04 
> 163d6d00-7f6d-4511-aadf-440421cd8bf1
>
> drwxr-x--- 4 root root 4096  4 mars  18:04 .
>
> -rw-r----- 1 root root  289  5 mars  16:21 category.xml
>
> [root at SERVERTEST groups]# cd 6c3843bb-92e6-4fd0-b50f-dcb26798b495/
>
> [root at SERVERTEST 6c3843bb-92e6-4fd0-b50f-dcb26798b495]# ls -altr
>
> total 12
>
> drwxr-x--- 2 root root 4096  4 mars  16:59 .
>
> -rw-r----- 1 root root  598  4 mars  17:07 
> 9d01ebc1-f6f7-4c5b-9742-fd42bd89fc38.xml
>
> drwxr-x--- 4 root root 4096  4 mars  18:04 ..
>
> [root at SERVERTEST 6c3843bb-92e6-4fd0-b50f-dcb26798b495]# cd ..
>
> [root at SERVERTEST groups]# cd 163d6d00-7f6d-4511-aadf-440421cd8bf1/
>
> [root at SERVERTEST 163d6d00-7f6d-4511-aadf-440421cd8bf1]# ls -altr
>
> total 12
>
> drwxr-x--- 2 root root 4096  4 mars  18:04 
> a8d7eb7b-9e56-4ccf-9f45-67b75850dda6
>
> drwxr-x--- 4 root root 4096  4 mars  18:04 ..
>
> drwxr-x--- 3 root root 4096  4 mars  18:04 .
>
> [root at SERVERTEST 163d6d00-7f6d-4511-aadf-440421cd8bf1]# cd 
> a8d7eb7b-9e56-4ccf-9f45-67b75850dda6/
>
> [root at SERVERTEST a8d7eb7b-9e56-4ccf-9f45-67b75850dda6]# ls -altr
>
> total 12
>
> -rw-r----- 1 root root 1752  4 mars  18:04 
> bdcedc96-ff67-413b-ae1d-97d67a5312f0.xml
>
> drwxr-x--- 3 root root 4096  4 mars  18:04 ..
>
> drwxr-x--- 2 root root 4096  4 mars  18:04 .
>
> [root at SERVERTEST a8d7eb7b-9e56-4ccf-9f45-67b75850dda6]# locate 
> d41e37d2-5cb8-485a-9183-3388c4a7c009
>
> [root at SERVERTEST a8d7eb7b-9e56-4ccf-9f45-67b75850dda6]#
>
> The only thing which change is the « category.xml » file which is not 
> present on our SERVERPROD (The server which have all groups displayed...)
>
> And as you know, we got a lot of Groups / categories & sub categories. 
> Not just 2.
>
> In addition, many of them were well restored.
>
> Any idea ???
>
> BR
>
> Cedric
>
> *De :*Francois Armand [mailto:francois.armand at normation.com]
> *Envoyé :* mercredi 5 mars 2014 17:54
> *À :* Prestasit01; 'Matthieu CERDA'
> *Cc :* 'rudder-users at lists.rudder-project.org'
> *Objet :* Re: [rudder-users] LDAP issue
>
> On 05/03/2014 17:41, Prestasit01 wrote:
>
>     Hello,
>
>     Thanks François, the error seems away !
>
>     After, I have tested to modify a rule and it worked !
>
>
> Cool !
>
>
>
> But (JI'm testing a lot of thing to check)
>
> I also test to copy our configuration-repository to another rudder 
> server (same version, installed from scratch and without data) and to 
> restore but it gave me that :
>
> So... I'm a little bit affraid... May there is always bad values/data...
>
> Can you told me how to know which is the name of the concerned 
> group ??? just to check from my side ???
>
> Thanks for the support.
>
>
>
> OK,
> For the group name, I fear we don't have a nice UI field for that, you 
> will have to supply the UUID in the URL like that:
> http://yourserver/rudder/secure/nodeManager/groups# 
> <http://yourserver/rudder/secure/nodeManager/groups>{"groupId":"d41e37d2-5cb8-485a-9183-3388c4a7c009"}
>
> You can also check that the group is correctly exported by looking on 
> the archive. You should have, somewhere under the "group" directory, a 
> file named d41e37d2-5cb8-485a-9183-3388c47c009.xml
>
> Hope it helps,
>
>
> BR
>
> Cedric
>
> *De :*Francois Armand [mailto:francois.armand at normation.com]
> *Envoyé :* mercredi 5 mars 2014 14:06
> *À :* Prestasit01; 'Matthieu CERDA'
> *Cc :* 'rudder-users at lists.rudder-project.org 
> <mailto:rudder-users at lists.rudder-project.org>'
> *Objet :* Re: [rudder-users] LDAP issue
>
> Hello,
>
> What you are reporting is very strange, and you are the first one to 
> encounter all these problem with the LDAP back-end, so I suspect that 
> something want really bad when the /var was full, and lead to some 
> kind of corruption of some part of LDAP storage (likelly BDB-related).
>
> All the problem you are seing seems to be linked with a BDB 
> corruption. As soon as the coruption happen, everything starts to fall 
> appart.
>
> I'm fearing that you will have to delete data in base and restart from 
> a back-up with the following process:
>
> |/etc/init.d/slapd stop|
> |/etc/init.d/slapd backup|
> |  |
> |#remove corrupted data|
> |rm -f alock __db.* *.bdb log.*|
> |  |
> |#restore your backup|
> |slapadd -l /var/rudder/ldap/backup/openldap-data-20140305xxxxx.ldif|
> |  |
> |#restart|
> |/etc/init.d/slapd start|
>
>
> Hope it helps !
>
> -- 
>
> ------------------------------------------------------------------------
>
> *François ARMAND*
> /Directeur de la R&D/
> Normation <http://www.normation.com>
>
> ------------------------------------------------------------------------
>
> *87 rue de Turbigo, 75003 Paris, France*
>
> Telephone:
>
> 	
>
> +33 (0)1 83 62 99 23
>
> Mobile:
>
> 	
>
> +33 (0)6 63 37 60 55
>
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> Les informations ou pieces jointes contenues dans ce message sont 
> confidentielles. Seul le destinataire expressement vise peut en 
> prendre connaissance. Toute autre personne qui en divulguera, 
> diffusera ou prendra des copies sera passible de poursuites. La 
> societe Ouest-France decline en outre, toute responsabilite de quelque 
> nature que ce soit au titre de ce message s'il a ete altere, deforme 
> ou falsifie.
>
>
> _______________________________________________
> rudder-users mailing list
> rudder-users at lists.rudder-project.org
> http://www.rudder-project.org/mailman/listinfo/rudder-users


-- 
Nicolas CHARLES

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.rudder-project.org/pipermail/rudder-users/attachments/20140306/2cf48aae/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 36995 bytes
Desc: not available
URL: <http://www.rudder-project.org/pipermail/rudder-users/attachments/20140306/2cf48aae/attachment-0001.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 4098 bytes
Desc: not available
URL: <http://www.rudder-project.org/pipermail/rudder-users/attachments/20140306/2cf48aae/attachment-0001.png>

More information about the rudder-users mailing list