issues setting up directory-server-service (389 LDAP server)

Giovanni Biscuolo Fri, 14 Feb 2025 02:38:58 -0800

Hello,

I'm trying to setup an LDAP service in Guix System



This is the configuration I'm using in my operating-system:

--8<---------------cut here---------------start------------->8---

 (service directory-server-service-type
         (directory-server-instance-configuration
          (slapd
           (slapd-configuration
            (root-password 
"{SHA512}JrC6S7YPUeDdFi413Tx6/58zojBHVOmK5DwIagdECKAoBLGrLbgbKaE790wYOnlc/31ElML1HYg91Iqp5Hl9bw==")))))

--8<---------------cut here---------------end--------------->8---

Once I try to apply my new configuration the service does not start:

--8<---------------cut here---------------start------------->8---

g@pistache ~$ time sudo -E guix system reconfigure /etc/config.scm 
The following derivation will be built:
  /gnu/store/1pwijsn0pwm86xi17jpmsbfh691zb9dx-grub.cfg.drv

building /gnu/store/1pwijsn0pwm86xi17jpmsbfh691zb9dx-grub.cfg.drv...
/gnu/store/yp1d9b9i7javigapai23myp1ml87ncki-system
/gnu/store/32bxbirkpv4sr5zd0vvzcsf2z2x78wys-grub.cfg

activating system...
making '/var/guix/profiles/system-70-link' the current system...
populating /etc from /gnu/store/gfn8j3zmzhbajs8vbrcggxssk58h64zn-etc...
setting up privileged programs in '/run/privileged/bin'...

[...]

Starting installation ...
Validate installation settings ...
Create file system structures ...
Create self-signed certificate database ...
Perform post-installation tasks ...
Completed installation for instance: slapd-localhost

[...]

The following derivation will be built:
  /gnu/store/by1a42754n3g2w35nrqlqqgb0g6i7y3i-install-bootloader.scm.drv

building 
/gnu/store/by1a42754n3g2w35nrqlqqgb0g6i7y3i-install-bootloader.scm.drv...
guix system: bootloader successfully installed on '(/dev/sda)'

[...]

shepherd: Starting service directory-server-localhost...
shepherd: PID file '/run/dirsrv/slapd-localhost.pid' did not show up; 
terminating process 1132.
shepherd: Service directory-server-localhost could not be started.

[...]

Run 'herd status' to view the list of services on your system.
WARNING: (guile-user): imported module (guix build utils) overrides core 
binding `delete'
guix system: system loaded for fast reboot with 'reboot --kexec'

--8<---------------cut here---------------end--------------->8---

This is what I get in /var/log/dirsrv/slapd-localhost/errors right after
my Guix System reconfiguration:

--8<---------------cut here---------------start------------->8---

        389-Directory/2.2.2 B1970.001.0000
        localhost:389 (/etc/dirsrv/slapd-localhost)

[14/Feb/2025:11:18:14.044618057 +0100] - ERR - symload_report_error - Netscape 
Portable Runtime error -5977: 
/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so:
 cannot open shared object file: No such file or directory
[14/Feb/2025:11:18:14.069769219 +0100] - ERR - symload_report_error - Could not 
open library 
"/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so"
 for plugin PBKDF2
[14/Feb/2025:11:18:14.094781812 +0100] - ERR - plugin_setup - "PBKDF2" plugin 
in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:11:18:14.120920040 +0100] - ERR - symload_report_error - Netscape 
Portable Runtime error -5977: 
/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so:
 cannot open shared object file: No such file or directory
[14/Feb/2025:11:18:14.144775221 +0100] - ERR - symload_report_error - Could not 
open library 
"/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so"
 for plugin PBKDF2-SHA1
[14/Feb/2025:11:18:14.169781375 +0100] - ERR - plugin_setup - "PBKDF2-SHA1" 
plugin in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:11:18:14.195195485 +0100] - ERR - symload_report_error - Netscape 
Portable Runtime error -5977: 
/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so:
 cannot open shared object file: No such file or directory
[14/Feb/2025:11:18:14.219660365 +0100] - ERR - symload_report_error - Could not 
open library 
"/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so"
 for plugin PBKDF2-SHA256
[14/Feb/2025:11:18:14.244675275 +0100] - ERR - plugin_setup - "PBKDF2-SHA256" 
plugin in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:11:18:14.270218564 +0100] - ERR - symload_report_error - Netscape 
Portable Runtime error -5977: 
/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so:
 cannot open shared object file: No such file or directory
[14/Feb/2025:11:18:14.294801088 +0100] - ERR - symload_report_error - Could not 
open library 
"/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so"
 for plugin PBKDF2-SHA512
[14/Feb/2025:11:18:14.319773340 +0100] - ERR - plugin_setup - "PBKDF2-SHA512" 
plugin in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:11:18:14.609533972 +0100] - NOTICE - slapd_system_isFIPS - Can not 
access /proc/sys/crypto/fips_enabled - assuming FIPS is OFF
[14/Feb/2025:11:18:14.803171062 +0100] - NOTICE - slapd_system_isFIPS - Can not 
access /proc/sys/crypto/fips_enabled - assuming FIPS is OFF
[14/Feb/2025:11:18:15.654731390 +0100] - NOTICE - slapd_system_isFIPS - Can not 
access /proc/sys/crypto/fips_enabled - assuming FIPS is OFF
[14/Feb/2025:11:18:15.712675954 +0100] - INFO - main - 389-Directory/2.2.2 
B1970.001.0000 starting up
[14/Feb/2025:11:18:15.736263900 +0100] - INFO - main - Setting the maximum file 
descriptor limit to: 4096
[14/Feb/2025:11:18:22.042142223 +0100] - INFO - PBKDF2_SHA256 - Based on CPU 
performance, chose 2048 rounds
[14/Feb/2025:11:18:22.078622725 +0100] - WARN - spal_meminfo_get - cgroups v1 
or v2 unable to be read - may not be on this platform ...
[14/Feb/2025:11:18:22.104172929 +0100] - INFO - bdb_config_upgrade_dse_info - 
create config entry from old config
[14/Feb/2025:11:18:22.190250929 +0100] - WARN - spal_meminfo_get - cgroups v1 
or v2 unable to be read - may not be on this platform ...
[14/Feb/2025:11:18:22.219380087 +0100] - NOTICE - bdb_start_autotune - found 
3996068k physical memory
[14/Feb/2025:11:18:22.252727933 +0100] - NOTICE - bdb_start_autotune - found 
3336084k available
[14/Feb/2025:11:18:22.286114050 +0100] - NOTICE - bdb_start_autotune - cache 
autosizing: db cache: 249754k
[14/Feb/2025:11:18:22.320148835 +0100] - WARN - spal_meminfo_get - cgroups v1 
or v2 unable to be read - may not be on this platform ...
[14/Feb/2025:11:18:22.352749550 +0100] - NOTICE - bdb_start_autotune - total 
cache size: 204598681 B; 
[14/Feb/2025:11:18:22.379278575 +0100] - WARN - spal_meminfo_get - cgroups v1 
or v2 unable to be read - may not be on this platform ...
[14/Feb/2025:11:18:22.936500119 +0100] - INFO - slapd_daemon - slapd started.  
Listening on All Interfaces port 389 for LDAP requests
[14/Feb/2025:11:18:22.960958947 +0100] - INFO - slapd_daemon - Listening on 
/run/slapd-localhost.socket for LDAPI requests
[14/Feb/2025:11:18:23.954209453 +0100] - INFO - postop_modify_config_dse - The 
change of nsslapd-securePort will not take effect until the server is restarted
[14/Feb/2025:11:18:24.089707815 +0100] - INFO - op_thread_cleanup - slapd 
shutting down - signaling operation threads - op stack size 2 max work q size 1 
max work q stack size 1
[14/Feb/2025:11:18:24.119628806 +0100] - INFO - ct_thread_cleanup - slapd 
shutting down - signaling connection table threads
[14/Feb/2025:11:18:24.144756479 +0100] - INFO - slapd_daemon - slapd shutting 
down - closing down internal subsystems and plugins
[14/Feb/2025:11:18:24.220309122 +0100] - INFO - bdb_pre_close - Waiting for 5 
database threads to stop
[14/Feb/2025:11:18:25.018721459 +0100] - INFO - bdb_pre_close - All database 
threads now stopped
[14/Feb/2025:11:18:25.177113753 +0100] - INFO - 
connection_post_shutdown_cleanup - slapd shutting down - freed 1 work q stack 
objects - freed 2 op stack objects
[14/Feb/2025:11:18:25.202681941 +0100] - INFO - main - slapd stopped.
[14/Feb/2025:11:18:53.229882760 +0100] - ERR - symload_report_error - Netscape 
Portable Runtime error -5977: 
/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so:
 cannot open shared object file: No such file or directory
[14/Feb/2025:11:18:53.251538703 +0100] - ERR - symload_report_error - Could not 
open library 
"/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so"
 for plugin PBKDF2
[14/Feb/2025:11:18:53.276513561 +0100] - ERR - plugin_setup - "PBKDF2" plugin 
in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:11:18:53.302653233 +0100] - ERR - symload_report_error - Netscape 
Portable Runtime error -5977: 
/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so:
 cannot open shared object file: No such file or directory
[14/Feb/2025:11:18:53.326631552 +0100] - ERR - symload_report_error - Could not 
open library 
"/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so"
 for plugin PBKDF2-SHA1
[14/Feb/2025:11:18:53.359971509 +0100] - ERR - plugin_setup - "PBKDF2-SHA1" 
plugin in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:11:18:53.394457095 +0100] - ERR - symload_report_error - Netscape 
Portable Runtime error -5977: 
/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so:
 cannot open shared object file: No such file or directory
[14/Feb/2025:11:18:53.426630655 +0100] - ERR - symload_report_error - Could not 
open library 
"/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so"
 for plugin PBKDF2-SHA256
[14/Feb/2025:11:18:53.451630116 +0100] - ERR - plugin_setup - "PBKDF2-SHA256" 
plugin in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:11:18:53.477727853 +0100] - ERR - symload_report_error - Netscape 
Portable Runtime error -5977: 
/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so:
 cannot open shared object file: No such file or directory
[14/Feb/2025:11:18:53.509963504 +0100] - ERR - symload_report_error - Could not 
open library 
"/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so"
 for plugin PBKDF2-SHA512
[14/Feb/2025:11:18:53.543341686 +0100] - ERR - plugin_setup - "PBKDF2-SHA512" 
plugin in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:11:18:53.591064835 +0100] - NOTICE - slapd_system_isFIPS - Can not 
access /proc/sys/crypto/fips_enabled - assuming FIPS is OFF
[14/Feb/2025:11:18:53.626721228 +0100] - NOTICE - slapd_system_isFIPS - Can not 
access /proc/sys/crypto/fips_enabled - assuming FIPS is OFF
[14/Feb/2025:11:18:54.072597972 +0100] - NOTICE - slapd_system_isFIPS - Can not 
access /proc/sys/crypto/fips_enabled - assuming FIPS is OFF
[14/Feb/2025:11:18:54.160759894 +0100] - INFO - slapd_extract_cert - CA CERT 
NAME: Self-Signed-CA
[14/Feb/2025:11:18:54.193454540 +0100] - WARN - Security Initialization - /tmp 
is not a private namespace. pem files not exported there

--8<---------------cut here---------------end--------------->8---

I already filed the bug report #76280 for the missing "PBKDF2-SHA512"
plugin: https://issues.guix.gnu.org/76280 ; but AFAIU that's not the
problem with my current setup

Is it possible that the server does not start because the last
WARN(ning) stating "/tmp is not a private namespace"?

Happy hacking, Gio'

-- 
Giovanni Biscuolo

Xelera IT Infrastructures

signature.asc
Description: PGP signature

issues setting up directory-server-service (389 LDAP server)

Reply via email to