Infinite loop after restart

[frafra]

Reconfigure slapd...
+ echo 'Reconfigure slapd...'
+ cat
+ debconf-set-selections
+ DEBIAN_FRONTEND=noninteractive
+ dpkg-reconfigure slapd
  Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.47+dfsg-3+deb10u7... done.
  Moving old database directory to /var/backups:

  Backup path /var/backups/unknown-2.4.47+dfsg-3+deb10u7.ldapdb exists. Giving up...
[cont-init.d] 000-slapd-package-config: exited 1.
[cont-init.d] 010-tls-certificates: executing... 
+ [[ -f /etc/ldap/ssl/ldap.key ]]
TLS Certificates already present. Using provided certificates
+ [[ -f /etc/ldap/ssl/ldap.crt ]]
+ echo 'TLS Certificates already present. Using provided certificates'
[cont-init.d] 010-tls-certificates: exited 0.
[cont-init.d] 020-filesystem-perms: executing... 
+ chown -R openldap:openldap /etc/ldap
[cont-init.d] 020-filesystem-perms: exited 0.
[cont-init.d] 050-openldap-populate: executing... 
+ slapd -h ldapi:/// -u openldap -g openldap
+ configure_msad_features
+ echo 'Configure MS-AD Extensions'
+ ldapmodify -Y EXTERNAL -H ldapi:/// -f /opt/openldap/bootstrap/config/msad.ldif -Q
Configure MS-AD Extensions
ldap_modify: Type or value exists (20)
      additional info: modify/add: olcAttributeTypes: value #0 already exists
modifying entry "cn={0}core,cn=schema,cn=config"

[cont-init.d] 050-openldap-populate: exited 20.
[cont-init.d] done.
[services.d] starting services
starting slapd
[services.d] done.
6617b7c5 @(#) $OpenLDAP: slapd  (May 14 2022 18:35:44) $
      Debian OpenLDAP Maintainers <[email protected]>
6617b7c6 hdb_db_open: database "dc=planetexpress,dc=com": database already in use.
6617b7c6 backend_startup_one (type=hdb, suffix="dc=planetexpress,dc=com"): bi_db_open failed! (-1)
6617b7c6 slapd stopped.
starting slapd
6617b7c6 @(#) $OpenLDAP: slapd  (May 14 2022 18:35:44) $
      Debian OpenLDAP Maintainers <[email protected]>
6617b7c7 hdb_db_open: database "dc=planetexpress,dc=com": database already in use.
6617b7c7 backend_startup_one (type=hdb, suffix="dc=planetexpress,dc=com"): bi_db_open failed! (-1)
6617b7c7 slapd stopped.
starting slapd
6617b7c7 @(#) $OpenLDAP: slapd  (May 14 2022 18:35:44) $
      Debian OpenLDAP Maintainers <[email protected]>
6617b7c8 hdb_db_open: database "dc=planetexpress,dc=com": database already in use.
6617b7c8 backend_startup_one (type=hdb, suffix="dc=planetexpress,dc=com"): bi_db_open failed! (-1)
6617b7c8 slapd stopped.

I would advise against using VOLUMES in Dockerfile, as not all users are interested in having persistency on these paths, and it looks like it is not possible to just ignore them. Without the volumes the error would not happen.

[OctoNezd]

To anyone with same issue: you can fix this by directly running slapd: /usr/sbin/slapd -h "ldapi:/// ldap://0.0.0.0:10389 ldaps://0.0.0.0:10636" -d 256

[osnard]

I am having the same issue. I wanted to add additional attributes to the users and therefore mount

volumes:
      - ${DATADIR}/ldap/opt/openldap/bootstrap/data:/opt/openldap/bootstrap/data

Now I am getting the database already in use loop. I have also tried to build a local image and removing the VOLUME declaration in the Dockerfile [1]. But that didn't work either. Any hints?

[1]

docker-test-openldap/Dockerfile

Line 34 in 2645f21

VOLUME ["/etc/ldap/slapd.d", "/etc/ldap/ssl", "/var/lib/ldap", "/run/slapd"]

[cadabrum]

I don’t know how to configure the LDAP server correctly, but this hack helped:

rootfs/etc/services.d/slapd/run

#!/usr/bin/with-contenv bash

echo "starting slapd"
/usr/sbin/slapd -h "ldapi:/// ldap://0.0.0.0:10389 ldaps://0.0.0.0:10636" -d 256 -u openldap -g openldap

echo "Removing lock file..."
rm /var/lib/ldap/alock