6. Running slapd

Slapd can be run in two different modes, stand-alone or from inetd(8). Stand-alone operation is recommended, especially if you are using the LDBM backend. This allows the backend to take advantage of caching and avoids concurrency problems with the LDBM index files. If you are running only a PASSWD or SHELL backend, running from inetd is an option. How to do this is described in the next section, after the command-line options and stand-alone daemon operation are described.

6.1 Command-Line Options

Slapd supports the following command-line options.

-d <level> | ?

This option sets the slapd debug level to <level>. When level is a `?' character, the various debugging levels are printed and slapd exits, regardless of any other options you give it. Current debugging levels are

1 trace function calls
2 debug packet handling
4 heavy trace debugging
8 connection management
16 print out packets sent and received
32 search filter processing
64 configuration file processing
128 access control list processing
256 stats log connections/operations/results
512 stats log entries sent
1024 print communication with shell backends
2048 print entry parsing debugging
65535 enable all debugging

Debugging levels are additive. That is, if you want to trace function calls and watch the config file being processed, you would set level to the sum of those two levels (in this case, 65). Consult <ldap.h> for more details.
Note that slapd must have been compiled with -DLDAP_DEBUG defined for any debugging information beyond the two stats levels to be available.

-f <filename>

This option specifies an alternate configuration file for slapd.

-i

This option tells slapd that it is running from inetd instead of as a stand-alone server. See the next section on running slapd from inetd for more details.

-p <port>

This option specifies an alternate TCP port on which slapd should listen for connections. The default port is 389.

6.2 Running slapd as a Stand-Alone Daemon

In general, slapd is run like this:

$(ETCDIR)/slapd [<option>]*

where ETCDIR has the value you gave in the Make-common file during the pre-build configuration, and <option> is one of the options described below. Unless you have specified a debugging level, slapd will automatically fork and detach itself from its controlling terminal and run in the background. Any of the options given above can be given to slapd to point it at a different configuration file, listen on another port, etc.

To kill off slapd safely, you should give a command like this

kill -TERM `cat $(ETCDIR)/slapd.pid`

Killing slapd by a more drastic method may cause its LDBM databases to be corrupted, as it may need to flush various buffers before it exits. Note that slapd writes its pid to a file called slapd.pid in the ETCDIR you configured in Make-common. You can change the location of this pid file by changing the SLAPD_PIDFILE variable in include/ldapconfig.h.edit.

Slapd will also write its arguments to a file called slapd.args in the ETCDIR you configured in Make-common. You can change the location of the args file by changing the SLAPD_ARGSFILE variable in include/ldapconfig.h.edit.

6.3 Running slapd from inetd

First, make sure that running from inetd(8) is a good idea. If you are using the LDBM backend, it is not. If you are in a high-volume environment, the overhead of running from inetd also makes it a bad idea. Otherwise, you may proceed with the two steps necessary.

Step 1 is to add a line like this to your /etc/services file:

ldap 389 # ldap directory service

Step 2 is to add a line like this to your /etc/inetd.conf file:

ldap stream tcp nowait nobody $(ETCDIR)/slapd slapd -i

where ETCDIR has the value you gave it in the Make-common file during pre-build configuration. Finally, send inetd a HUP signal, and you should be all set.

[View Next Section] [View Previous Section] [Return to Table of Contents]

Send comments about this page to: ldap-support@umich.edu