enterprise-support team mailing list archive
-
enterprise-support team
-
Mailing list archive
-
Message #10952
[Bug 2119884] [NEW] slapd fails to start under systemd
Public bug reported:
Ubuntu 25.04 Plucky saw a change from using init to systemd for starting
slapd. When starting slapd using systemd, slapd runs but is terminated
by systemd when it fails to receive a notification (sd_notify) from
slapd that everything is ok.
root@minerva:/etc/apt# lsb_release -rd
Description: Ubuntu 25.04
Release: 25.04
root@minerva:/etc/apt# apt info slapd
Package: slapd
Version: 2.6.9+dfsg-2ubuntu1
Priority: optional
Section: net
Source: openldap
Origin: Ubuntu
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@xxxxxxxxxxxxxxxx>
Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel@xxxxxxxxxxxxxxxxxxxxxxx>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 5,195 kB
Provides: ldap-server
Pre-Depends: debconf, init-system-helpers (>= 1.54~)
Depends: libargon2-1 (>= 0~20171227), libc6 (>= 2.38), libcrypt1 (>= 1:4.1.0), libldap2 (= 2.6.9+dfsg-2ubuntu1), li>
Recommends: ldap-utils
Suggests: libsasl2-modules, ufw, libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal
Conflicts: ldap-server
Homepage: https://www.openldap.org/
Download-Size: 1,661 kB
APT-Manual-Installed: yes
APT-Sources: http://au.archive.ubuntu.com/ubuntu plucky/main amd64 Packages
Description: OpenLDAP server (slapd)
This is the OpenLDAP (Lightweight Directory Access Protocol) server
(slapd). The server can be used to provide a standalone directory
service.
root@minerva:/etc/apt# systemctl start slapd.service
Job for slapd.service failed because a timeout was exceeded.
See "systemctl status slapd.service" and "journalctl -xeu slapd.service" for details.
root@minerva:/etc/apt# systemctl status slapd.service
× slapd.service - OpenLDAP Server Daemon
Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled; preset: enabled)
Active: failed (Result: timeout) since Thu 2025-08-07 22:01:36 AEST; 2min 11s ago
Duration: 7h 20min 53.690s
Invocation: 2efc19fa8f9c491b86b1c9039f12dba7
Docs: man:slapd
man:slapd-config
man:slapd-mdb
Process: 87009 ExecStart=sh -c mkdir -p /run/slapd; chown "$SLAPD_USER":"$SLAPD_GROUP" /run/slapd; >
Main PID: 87009 (code=exited, status=0/SUCCESS)
Mem peak: 4.1M
CPU: 49ms
Aug 07 22:00:06 minerva.cording.id.au systemd[1]: Starting slapd.service - OpenLDAP Server Daemon...
Aug 07 22:00:06 minerva.cording.id.au slapd[87009]: @(#) $OpenLDAP: slapd 2.6.9+dfsg-2ubuntu1 (Mar 15 2025 05:58:33>
Ubuntu Developers <ubuntu-devel-discuss@xxxxxxxxxxxxxxx>
Aug 07 22:00:06 minerva.cording.id.au slapd[87009]: slapd starting
Aug 07 22:00:06 minerva.cording.id.au slapd[87009]: systemd sd_notify failed (-13)
Aug 07 22:01:36 minerva.cording.id.au systemd[1]: slapd.service: start operation timed out. Terminating.
Aug 07 22:01:36 minerva.cording.id.au slapd[87009]: daemon: shutdown requested and initiated.
Aug 07 22:01:36 minerva.cording.id.au slapd[87009]: slapd shutdown: waiting for 0 operations/tasks to finish
Aug 07 22:01:36 minerva.cording.id.au slapd[87009]: slapd stopped.
Aug 07 22:01:36 minerva.cording.id.au systemd[1]: slapd.service: Failed with result 'timeout'.
Aug 07 22:01:36 minerva.cording.id.au systemd[1]: Failed to start slapd.service - OpenLDAP Server Daemon.
root@minerva:/usr/lib/systemd/system# more slapd.service
[Unit]
Description=OpenLDAP Server Daemon
After=network.target
# It doesn't really need network-online. Might revisit this for trixie:
# old initscript does have dependency on network-online.
#After=network-online.target
# For binding to particular IPs with systemd-networkd, use
#After=systemd-networkd-wait-online@eth0:no-carrier.service
# (with appropriate name for eth0)
Documentation=man:slapd
Documentation=man:slapd-config
Documentation=man:slapd-mdb
[Service]
Type=notify
# /etc/default/slapd sets:
# SLAPD_SERVICES SLAPD_CONF SLAPD_USER SLAPD_GROUP SLAPD_OPTIONS
# Also can set KRB5_KTNAME
EnvironmentFile=/etc/default/slapd
# can use User=, but it does not accept $Variables (compatibility)
# can use RuntimeDirectory= but it need to be owned by user anyway
ExecStart=sh -c 'mkdir -p /run/slapd; \
chown "$SLAPD_USER":"$SLAPD_GROUP" /run/slapd; \
[ -d "$SLAPD_CONF" ] && confflag=-F || confflag=-f; \
exec /usr/sbin/slapd -d0 \
${SLAPD_SERVICES:+-h "$SLAPD_SERVICES"} \
${SLAPD_USER:+-u "$SLAPD_USER"} \
${SLAPD_GROUP:+-g "$SLAPD_GROUP"} \
${SLAPD_CONF:+$confflag "$SLAPD_CONF"} \
$SLAPD_OPTIONS'
[Install]
WantedBy=multi-user.target
Issue due to missing permission in apparmor usr.sbin.slapd:
# systemd sd_notify
/run/systemd/notify w,
** Affects: openldap (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to openldap in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/2119884
Title:
slapd fails to start under systemd
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/2119884/+subscriptions
Follow ups