Openldap
Why does slapd log "connection_read(12): no connection!"?
This is a fresh install.
There are no other connections.
The message is also logged with olcLogLevel: none.
Command
kldap1 ~ # ldapwhoami
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn:gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
Log
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 fd=12 ACCEPT from PATH=/var/run/openldap/slapd.sock (PATH=/var/run/openldap/slapd.sock)
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 op=0 BIND dn="" method=163
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 op=0 BIND authcid="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" authzid="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 op=0 BIND dn="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" mech=EXTERNAL sasl_ssf=0 ssf=71
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 op=0 RESULT tag=97 err=0 text=
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 op=1 EXT oid=1.3.6.1.4.1.4203.1.11.3
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 op=1 WHOAMI
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 op=1 RESULT oid= err=0 text=
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 op=2 UNBIND
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 fd=12 closed
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
Configuration
kldap1 ~ # ldapsearch -b cn=config "(|(cn=config)(olcDatabase={-1}frontend)(olcDatabase={0}config))"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
# extended LDIF
#
# LDAPv3
# base <cn=config> with scope subtree
# filter: (|(cn=config)(olcDatabase={-1}frontend)(olcDatabase={0}config))
# requesting: ALL
#

# config
dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: /etc/openldap/slapd.conf
olcConfigDir: /etc/openldap/slapd.d/
olcAllows: bind_v2
olcArgsFile: /var/run/openldap/slapd.args
olcAttributeOptions: lang-
olcAuthzPolicy: none
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 15
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcLocalSSF: 71
olcPidFile: /var/run/openldap/slapd.pid
olcReadOnly: FALSE
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcSizeLimit: unlimited
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTimeLimit: unlimited
olcTLSCACertificatePath: /etc/ssl/certs/
olcTLSCRLCheck: none
olcTLSVerifyClient: try
olcToolThreads: 1
olcWriteTimeout: 0
olcLogLevel: stats

# {-1}frontend, config
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 0
olcReadOnly: FALSE
olcSchemaDN: cn=Subschema
olcSizeLimit: unlimited
olcSyncUseSubentry: FALSE
olcTimeLimit: unlimited
olcMonitoring: FALSE

# {0}config, config
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by * none
olcAddContentAcl: TRUE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE

# search result
search: 2
result: 0 Success

# numResponses: 4
# numEntries: 3
slapd is started with -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock cldap://'
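Including **cldap://** causes this behavior, for reasons I am not going to figure out right now. If someone can clearly answer why this happens, I will change the accepted answer to theirs.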
I didn't want to answer my own question, but I stumbled on the answer and figured, why waste other people's time.
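A triage helper for the symptom and cause described in this thread, added here as an example and not part of the original post: it counts "connection_read(N): no connection!" lines logged for a descriptor that has no open connection, and lists any cldap:// URLs in the slapd -h string. The function names and the trimmed sample log are constructed for illustration.

```python
import re

# Constructed sample, trimmed from the log excerpt in the question.
SAMPLE_LOG = """\
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 fd=12 ACCEPT from PATH=/var/run/openldap/slapd.sock (PATH=/var/run/openldap/slapd.sock)
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 op=2 UNBIND
Jul 25 15:24:37 kldap1 slapd[6137]: conn=1055 fd=12 closed
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
Jul 25 15:24:37 kldap1 slapd[6137]: connection_read(12): no connection!
"""
# The -h value quoted in the question.
SAMPLE_LISTENERS = "ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock cldap://"

ACCEPT = re.compile(r"conn=(\d+) fd=(\d+) ACCEPT")
CLOSED = re.compile(r"conn=(\d+) fd=(\d+) closed")
NOCONN = re.compile(r"connection_read\((\d+)\): no connection!")


def orphan_reads(log_text):
    """Map fd -> {"after_conn", "count"} for reads on an fd with no open connection."""
    open_fds = {}     # fd -> conn id currently using it
    last_closed = {}  # fd -> conn id that most recently closed on it
    hits = {}
    for line in log_text.splitlines():
        if m := ACCEPT.search(line):
            open_fds[m.group(2)] = m.group(1)
        elif m := CLOSED.search(line):
            open_fds.pop(m.group(2), None)
            last_closed[m.group(2)] = m.group(1)
        elif m := NOCONN.search(line):
            fd = m.group(1)
            if fd not in open_fds:  # ignore reads on an fd that is legitimately open
                entry = hits.setdefault(
                    fd, {"after_conn": last_closed.get(fd), "count": 0})
                entry["count"] += 1
    return hits


def cldap_listeners(h_arg):
    """Return the cldap:// URLs found in a slapd -h listener string."""
    return [u for u in h_arg.split() if u.lower().startswith("cldap://")]


def triage(log_text, h_arg):
    """Combine both checks so the symptom can be read next to the listener list."""
    return {"orphan_reads": orphan_reads(log_text),
            "cldap_listeners": cldap_listeners(h_arg)}


if __name__ == "__main__":
    print(triage(SAMPLE_LOG, SAMPLE_LISTENERS))
```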