slapd wont start as zimbra, will start as root

[gtr33m]

After many problems I managed to finish an upgrade to 5.0.10 and all was working fine until I restarted.

ldap wouldn't start because slapd wasn't started.

Launching slapd manually as zimbra produced the following

Code:

zimbra@server1:~/libexec$ /opt/zimbra/openldap/libexec/slapd -d -1 -f /opt/zimbra/conf/slapd.conf -u zimbra
@(#) $OpenLDAP: slapd 2.3.43 (Aug 20 2008 12:21:57) $
	root@build25.lab.zimbra.com:/home/build/p4/FRANKLIN/ThirdParty/openldap/openldap-2.3.43.5z/servers/slapd
daemon_init: <null>
daemon_init: listen on ldap:///
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap:///)
daemon: bind(7) failed errno=13 (Permission denied)
daemon: bind(7) failed errno=13 (Permission denied)
slap_open_listener: failed on ldap:///
slapd stopped.
connections_destroy: nothing to destroy.

Starting it manually as root works fine, and zimbra can be started and runs fine.

Seems to be a permission issue, but I've run zmfixperms as root and the problem is not fixed.

[gtr33m]

Just in case it's a split dns/hosts problem (again!)

Code:

root@server1:/opt/zimbra/libexec# cat /etc/hosts
127.0.0.1	localhost.localdomain localhost
192.168.2.5	server1.medalist.com.au	server1
192.168.2.5	mail.medalist.com.au mail 

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Code:

root@server1:/opt/zimbra/libexec# cat /etc/resolv.conf
nameserver 192.168.2.5
nameserver 192.168.2.1
nameserver 192.168.0.4

Code:

root@server1:/opt/zimbra/libexec# dig medalist.com.au mx

; <<>> DiG 9.4.2-P2 <<>> medalist.com.au mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14923
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;medalist.com.au.		IN	MX

;; ANSWER SECTION:
medalist.com.au.	604800	IN	MX	10 mail.medalist.com.au.

;; AUTHORITY SECTION:
medalist.com.au.	604800	IN	NS	192.168.2.5.medalist.com.au.

;; Query time: 0 msec
;; SERVER: 192.168.2.5#53(192.168.2.5)
;; WHEN: Thu Nov 13 16:04:54 2008
;; MSG SIZE  rcvd: 80

Code:

root@server1:/opt/zimbra/libexec# dig medalist.com.au any

; <<>> DiG 9.4.2-P2 <<>> medalist.com.au any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51191
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;medalist.com.au.		IN	ANY

;; ANSWER SECTION:
medalist.com.au.	604800	IN	MX	10 mail.medalist.com.au.
medalist.com.au.	604800	IN	AAAA	::1
medalist.com.au.	604800	IN	SOA	server1.medalist.com.au. server.medalist.com.au. 3 604800 86400 2419200 604800
medalist.com.au.	604800	IN	NS	192.168.2.5.medalist.com.au.
medalist.com.au.	604800	IN	A	192.168.2.5

;; Query time: 0 msec
;; SERVER: 192.168.2.5#53(192.168.2.5)
;; WHEN: Thu Nov 13 16:05:14 2008
;; MSG SIZE  rcvd: 175

Code:

root@server1:/opt/zimbra/libexec# host `hostname`
server1.medalist.com.au has address 192.168.2.5

[gtr33m]

No I still have this problem in 5.0.11 as

[phoenix]

Quote:

Originally Posted by gtr33m

No I still have this problem in 5.0.11 as

Your hosts file is incorrect and I assume your Zimbra servername is this:

Code:

mail.medalist.com.au

If that's the case you should remove the following line:

Code:

192.168.2.5	server1.medalist.com.au	server1

When you've done that (just to make sure) stop Zimbra and make sure no Zimbra processes are running (kill them if they are) then run (as root):

Code:

/opt/zimbra/libexec/zmfixperms --extended

restart Zimbra when it's done.

[gtr33m]

Hi Bill,

Zimbra servername is server1.medalist.com.au but I also want it respond to mail.medalist.com.au as this is the external dns name for the machine, whereas server1 is the internal dns name.

I'll give it a go on Monday and see what happens. I can always change the server name to mail if need be.

Thanks,

Mark

[phoenix]

Quote:

Originally Posted by gtr33m

Zimbra servername is server1.medalist.com.au but I also want it respond to mail.medalist.com.au as this is the external dns name for the machine, whereas server1 is the internal dns name.

Then you need to remove the other line from your hosts file and leave it as this:

Code:

127.0.0.1	localhost.localdomain localhost
192.168.2.5	server1.medalist.com.au	server1

If you want it to respond to

Code:

mail.medalist.com.au

add a DNS A record to point to the IP adress of your server, nothing else should be needed in your hosts file.

[edit] If you don't have any lan users that use the url of mail.medalist.com.au to get to the server then you don't need any local DNS records for that domain. You only need the hosts file set for the primary domain (obviously the hosts contains the FQDN of your server) on your server and the DNS records are to ensure that the name can be resolved internally.