mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
136 lines
4.8 KiB
Plaintext
136 lines
4.8 KiB
Plaintext
# $OpenLDAP$
|
|
# Copyright 1999-2007 The OpenLDAP Foundation, All Rights Reserved.
|
|
# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
|
|
H1: Running slapd
|
|
|
|
{{slapd}}(8) is designed to be run as a standalone service. This
|
|
allows the server to take advantage of caching, manage concurrency
|
|
issues with underlying databases, and conserve system resources.
|
|
Running from {{inetd}}(8) is {{NOT}} an option.
|
|
|
|
|
|
H2: Command-Line Options
|
|
|
|
{{slapd}}(8) supports a number of command-line options as detailed
|
|
in the manual page. This section details a few commonly used options.
|
|
|
|
> -f <filename>
|
|
|
|
This option specifies an alternate configuration file for slapd.
|
|
The default is normally {{F:/usr/local/etc/openldap/slapd.conf}}.
|
|
|
|
> -F <slapd-config-directory>
|
|
|
|
Specifies the slapd configuration directory. The default is {{F:/usr/local/etc/openldap/slapd.d}}
|
|
|
|
If both {{EX:-f}} and {{EX:-F}} are specified, the config file will be read and converted
|
|
to config directory format and written to the specified directory.
|
|
If neither option is specified, slapd will attempt to read the default config
|
|
directory before trying to use the default config file. If a valid config
|
|
directory exists then the default config file is ignored. All of the slap tools
|
|
that use the config options observe this same behavior.
|
|
|
|
> -h <URLs>
|
|
|
|
This option specifies alternative listener configurations. The
|
|
default is {{EX:ldap:///}} which implies {{TERM:LDAP}} over
|
|
{{TERM:TCP}} on all interfaces on the default LDAP port 389. You
|
|
can specify specific host-port pairs or other protocol schemes (such
|
|
as {{EX:ldaps://}} or {{EX:ldapi://}}). For example, {{EX:-h
|
|
"ldaps:// ldap://127.0.0.1:666"}} will create two listeners: one
|
|
for the (non-standard) {{EX:ldaps://}} scheme on all interfaces on
|
|
the default {{EX:ldaps://}} port 636, and one for the standard
|
|
{{EX:ldap://}} scheme on the {{EX:localhost}} ({{loopback}}) interface
|
|
on port 666. Hosts may be specified using using hostnames or
|
|
{{TERM:IPv4}} or {{TERM:IPv6}} addresses. Port values must be
|
|
numeric.
|
|
|
|
> -n <service-name>
|
|
|
|
This option specifies the service name used for logging and
|
|
other purposes. The default service name is {{EX:slapd}}.
|
|
|
|
> -l <syslog-local-user>
|
|
|
|
This option specifies the local user for the {{syslog}}(8)
|
|
facility. Values can be {{EX:LOCAL0}}, {{EX:LOCAL1}}, {{EX:LOCAL2}}, ...,
|
|
and {{EX:LOCAL7}}. The default is {{EX:LOCAL4}}. This option
|
|
may not be supported on all systems.
|
|
|
|
> -u user -g group
|
|
|
|
These options specify the user and group, respectively, to run
|
|
as. {{EX:user}} can be either a user name or uid. {{EX:group}}
|
|
can be either a group name or gid.
|
|
|
|
> -r directory
|
|
|
|
This option specifies a run-time directory. slapd will
|
|
{{chroot}}(2) to this directory after opening listeners but
|
|
before reading any configuration files or initializing
|
|
any backends.
|
|
.
|
|
|
|
> -d <level> | ?
|
|
|
|
This option sets the slapd debug level to <level>. When level is a
|
|
`?' character, the various debugging levels are printed and slapd
|
|
exits, regardless of any other options you give it. Current
|
|
debugging levels are
|
|
|
|
!block table; colaligns="RL"; align=Center; \
|
|
title="Table 7.1: Debugging Levels"
|
|
Level Description
|
|
-1 enable all debugging
|
|
0 no debugging
|
|
1 trace function calls
|
|
2 debug packet handling
|
|
4 heavy trace debugging
|
|
8 connection management
|
|
16 print out packets sent and received
|
|
32 search filter processing
|
|
64 configuration file processing
|
|
128 access control list processing
|
|
256 stats log connections/operations/results
|
|
512 stats log entries sent
|
|
1024 print communication with shell backends
|
|
2048 print entry parsing debugging
|
|
!endblock
|
|
|
|
You may enable multiple levels by specifying the debug option
|
|
once for each desired level. Or, since debugging levels are
|
|
additive, you can do the math yourself. That is, if you want
|
|
to trace function calls and watch the config file being
|
|
processed, you could set level to the sum of those two levels
|
|
(in this case, {{EX: -d 65}}). Or, you can let slapd do the
|
|
math, (e.g. {{EX: -d 1 -d 64}}). Consult {{F: <ldap_log.h>}} for
|
|
more details.
|
|
|
|
Note: slapd must have been compiled with {{EX:-DLDAP_DEBUG}}
|
|
defined for any debugging information beyond the two stats levels
|
|
to be available.
|
|
|
|
|
|
H2: Starting slapd
|
|
|
|
In general, slapd is run like this:
|
|
|
|
> /usr/local/libexec/slapd [<option>]*
|
|
|
|
where {{F:/usr/local/libexec}} is determined by {{EX:configure}}
|
|
and <option> is one of the options described above (or in {{slapd}}(8)).
|
|
Unless you have specified a debugging level (including level {{EX:0}}),
|
|
slapd will automatically fork and detach itself from its controlling
|
|
terminal and run in the background.
|
|
|
|
H2: Stopping slapd
|
|
|
|
To kill off {{slapd}}(8) safely, you should give a command like this
|
|
|
|
> kill -INT `cat /usr/local/var/slapd.pid`
|
|
|
|
where {{F:/usr/local/var}} is determined by {{EX:configure}}.
|
|
|
|
Killing slapd by a more drastic method may cause information loss or
|
|
database corruption.
|