[Fedora-directory-users] DS Failed to start
Rich Megginson
rmeggins at redhat.com
Mon Jan 7 21:33:21 UTC 2008
kiran madala wrote:
> I am not sure why this has to be made so difficult. I was able to restore to previous state because I am using VMWare. However when I enabled SSL and tried to restart manually. This is the error I got
>
> Enter PIN for Internal (Software) Token:
> [07/Jan/2008:14:43:00 -0500] - SSL alert: CERT_VerifyCertificateNow: verify certificate failed for cert server-cert of family cn=RSA,cn=encryption,cn=config (Netscape Portable Runtime error -8179 - Peer's Certificate issuer is not recognized.)
> [07/Jan/2008:14:43:00 -0500] - SSL failure: None of the cipher are valid
>
> then I went to the configuration directory on /etc/dirsrv/slapd-248 and changed the names of cert8.db and key3.db to slapd-248-cert8.db and slapd-248- key3.db (slapd-248 is the instance name) and tried to change to .pfx file by executing the command
>
> pk12util -d , -P slapd-248- -o servercert.pfx -n Server-Cert
>
> Then this is the error I get
>
> pk12util: function failed: security library: bad database.
>
> I generated the certificate using windows 2003 CA service and installed it using the remote DS console. Again I am using fedora 1.1 ds on fedora 6 on x86 machine.
>
> Any Idea how do i proceed?
>
What directions/instructions are you attempting to follow to set up
SSL? Note that since you are using Fedora DS 1.1, the -P prefix
argument is no longer used - since the key/cert db are in their own
instance specific directory, they should just be called cert8.db and
key3.db.
The error suggests a problem with the CA cert. Try this
cd /etc/dirsrv/slapd-248
certutil -L -d .
Finally, I'm not sure what enabling SSL would have to do with making the
database unrecoverable - were you previously running Fedora DS 1.0.4 on
this system and did an in-place upgrade?
> Thank you.
> ----------------------------------------
>
>> From: kirankmadala at hotmail.com
>> To: fedora-directory-users at redhat.com
>> Subject: RE: [Fedora-directory-users] DS Failed to start
>> Date: Mon, 7 Jan 2008 15:23:20 -0400
>>
>>
>> Its fedora ds 1.1 on fedora 6 on x86 machine.
>> ----------------------------------------
>>
>>> Date: Mon, 7 Jan 2008 11:58:36 -0700
>>> From: rmeggins at redhat.com
>>> To: fedora-directory-users at redhat.com
>>> Subject: Re: [Fedora-directory-users] DS Failed to start
>>>
>>> kiran madala wrote:
>>>
>>>> Hello,
>>>> I was experimenting with fedora ds sync with active directory. In the process I installed a certificate on the DS. Then I restarted usign the remote admin console with out enabling ssl but the DS failed to restart. I have the error log below. It seems like the DS database got corrucpted how do i recover it?
>>>>
>>>>
>>> What platform?
>>>
>>>> [07/Jan/2008:13:44:37 -0500] - slapd shutting down - signaling operation threads
>>>> [07/Jan/2008:13:44:41 -0500] - slapd shutting down - waiting for 30 threads to terminate
>>>> [07/Jan/2008:13:44:41 -0500] - slapd shutting down - closing down internal subsystems and plugins
>>>> [07/Jan/2008:13:44:42 -0500] - Waiting for 4 database threads to stop
>>>> [07/Jan/2008:13:44:42 -0500] - All database threads now stopped
>>>> [07/Jan/2008:13:47:43 -0500] - Fedora-Directory/1.1.0 B2007.354.1236 starting up
>>>> [07/Jan/2008:13:47:43 -0500] - Detected Disorderly Shutdown last time Directory Server was running, recovering database.
>>>> [07/Jan/2008:13:47:45 -0500] - libdb: Improper file close at 1/1042383
>>>> [07/Jan/2008:13:47:54 -0500] - libdb: Recovery function for LSN 1 1042383 failed on forward pass
>>>> [07/Jan/2008:13:47:55 -0500] - libdb: PANIC: Invalid argument
>>>> [07/Jan/2008:13:47:55 -0500] - libdb: PANIC: fatal region error detected; run recovery
>>>> [07/Jan/2008:13:47:55 -0500] - Database Recovery Process FAILED. The database is not recoverable. err=-30977: DB_RUNRECOVERY: Fatal error, run database recovery
>>>> [07/Jan/2008:13:47:55 -0500] - Please make sure there is enough disk space for dbcache (10000000 bytes) and db region files
>>>> [07/Jan/2008:13:47:55 -0500] - start: Failed to init database, err=-30977 DB_RUNRECOVERY: Fatal error, run database recovery
>>>> [07/Jan/2008:13:47:55 -0500] - Failed to start database plugin ldbm database
>>>> [07/Jan/2008:13:47:55 -0500] - WARNING: ldbm instance userRoot already exists
>>>> [07/Jan/2008:13:47:55 -0500] - WARNING: ldbm instance NetscapeRoot already exists
>>>> [07/Jan/2008:13:47:55 -0500] binder-based resource limits - nsLookThroughLimit: parameter error (slapi_reslimit_register() already registered)
>>>> [07/Jan/2008:13:47:55 -0500] - start: Resource limit registration failed
>>>> [07/Jan/2008:13:47:55 -0500] - Failed to start database plugin ldbm database
>>>> [07/Jan/2008:13:47:55 -0500] - Error: Failed to resolve plugin dependencies
>>>> [07/Jan/2008:13:47:55 -0500] - Error: preoperation plugin 7-bit check is not started
>>>> [07/Jan/2008:13:47:55 -0500] - Error: accesscontrol plugin ACL Plugin is not started
>>>> [07/Jan/2008:13:47:55 -0500] - Error: preoperation plugin ACL preoperation is not started
>>>> [07/Jan/2008:13:47:55 -0500] - Error: object plugin Class of Service is not started
>>>> [07/Jan/2008:13:47:55 -0500] - Error: preoperation plugin HTTP Client is not started
>>>> [07/Jan/2008:13:47:55 -0500] - Error: database plugin ldbm database is not started
>>>> [07/Jan/2008:13:47:55 -0500] - Error: object plugin Legacy Replication Plugin is not started
>>>> [07/Jan/2008:13:47:55 -0500] - Error: object plugin Multimaster Replication Plugin is not started
>>>> [07/Jan/2008:13:47:55 -0500] - Error: object plugin Roles Plugin is not started
>>>> [07/Jan/2008:13:47:55 -0500] - Error: object plugin Views is not started
>>>> [07/Jan/2008:13:48:14 -0500] - Fedora-Directory/1.1.0 B2007.354.1236 starting up
>>>> [07/Jan/2008:13:48:14 -0500] - Detected Disorderly Shutdown last time Directory Server was running, recovering database.
>>>> [07/Jan/2008:13:48:14 -0500] - libdb: Improper file close at 1/1042383
>>>> [07/Jan/2008:13:48:16 -0500] - libdb: Recovery function for LSN 1 1042383 failed on forward pass
>>>> [07/Jan/2008:13:48:16 -0500] - libdb: PANIC: Invalid argument
>>>> [07/Jan/2008:13:48:16 -0500] - libdb: PANIC: fatal region error detected; run recovery
>>>> [07/Jan/2008:13:48:16 -0500] - Database Recovery Process FAILED. The database is not recoverable. err=-30977: DB_RUNRECOVERY: Fatal error, run database recovery
>>>> [07/Jan/2008:13:48:16 -0500] - Please make sure there is enough disk space for dbcache (10000000 bytes) and db region files
>>>> [07/Jan/2008:13:48:16 -0500] - start: Failed to init database, err=-30977 DB_RUNRECOVERY: Fatal error, run database recovery
>>>> [07/Jan/2008:13:48:16 -0500] - Failed to start database plugin ldbm database
>>>> [07/Jan/2008:13:48:16 -0500] - WARNING: ldbm instance userRoot already exists
>>>> [07/Jan/2008:13:48:16 -0500] - WARNING: ldbm instance NetscapeRoot already exists
>>>> [07/Jan/2008:13:48:16 -0500] binder-based resource limits - nsLookThroughLimit: parameter error (slapi_reslimit_register() already registered)
>>>> [07/Jan/2008:13:48:16 -0500] - start: Resource limit registration failed
>>>> [07/Jan/2008:13:48:16 -0500] - Failed to start database plugin ldbm database
>>>> [07/Jan/2008:13:48:16 -0500] - Error: Failed to resolve plugin dependencies
>>>> [07/Jan/2008:13:48:16 -0500] - Error: preoperation plugin 7-bit check is not started
>>>> [07/Jan/2008:13:48:16 -0500] - Error: accesscontrol plugin ACL Plugin is not started
>>>> [07/Jan/2008:13:48:16 -0500] - Error: preoperation plugin ACL preoperation is not started
>>>> [07/Jan/2008:13:48:16 -0500] - Error: object plugin Class of Service is not started
>>>> [07/Jan/2008:13:48:16 -0500] - Error: preoperation plugin HTTP Client is not started
>>>> [07/Jan/2008:13:48:16 -0500] - Error: database plugin ldbm database is not started
>>>> [07/Jan/2008:13:48:16 -0500] - Error: object plugin Legacy Replication Plugin is not started
>>>> [07/Jan/2008:13:48:16 -0500] - Error: object plugin Multimaster Replication Plugin is not started
>>>> [07/Jan/2008:13:48:16 -0500] - Error: object plugin Roles Plugin is not started
>>>> [07/Jan/2008:13:48:16 -0500] - Error: object plugin Views is not started
>>>>
>>>>
>>>>
>>>> _________________________________________________________________
>>>> Discover new ways to stay in touch with Windows Live! Visit the City @ Live today!
>>>> http://getyourliveid.ca/?icid=LIVEIDENCA006
>>>>
>>>> --
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>
>>>>
>> _________________________________________________________________
>> Discover new ways to stay in touch with Windows Live! Visit the City @ Live today!
>> http://getyourliveid.ca/?icid=LIVEIDENCA006
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>
> _________________________________________________________________
> Introducing the City @ Live! Take a tour!
> http://getyourliveid.ca/?icid=LIVEIDENCA006
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20080107/ec05b8b7/attachment.bin>
More information about the Fedora-directory-users
mailing list