First Last Prev Next    This bug is not in your last search results.
Bug 56471 - failed.ldif for group with lots of memberUid entries - mdb_put failed: MDB_MAP_FULL
failed.ldif for group with lots of memberUid entries - mdb_put failed: MDB_MA...
Status: NEW
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 4.4
Other Linux
: P5 normal (vote)
: ---
Assigned To: UCS maintainers
UCS maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2023-08-22 12:34 CEST by Arvid Requate
Modified: 2023-08-28 08:32 CEST (History)
9 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.086
Enterprise Customer affected?:
School Customer affected?: Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2023081821000192
Bug group (optional): Large environments
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2023-08-22 12:34:38 CEST 
We have a UCS@school customer environment where two backup DCs stopped replication with a failed.ldif. Several other Backup DCs don't show this problem. The failing operation was a modify on "Windows Hosts", which attempted a full replace with a lot of memberUid values (see below).

This operation fails with:
===
root@backup02:~/univention-support # ldapmodify -x -w "$(cut -d\" -f2 /etc/ldap/rootpw.conf)" -D "cn=update,${ldap_base}" -f 2023-08-18-failed-ldif/file30QIRf                                                                                                                                          modifying entry "cn=Windows Hosts,cn=groups,$ldap_base"                                                                                       ldap_modify: Other (e.g., implementation specific) error (80)
        additional info: entry update failed
===

With ucr set ldap/debug/level='stats' the syslog shows this error message:
===
Aug 22 11:38:28 backup02.domain.net slapd[28307]: conn=1019 op=1 MOD dn="cn=Windows Hosts,cn=groups,$ldap_base"
Aug 22 11:38:28 backup02.domain.net slapd[28307]: conn=1019 op=1 MOD attr=entryCSN memberUid uniqueMember modifyTimestamp
Aug 22 11:43:23 backup02.domain.net slapd[28307]: mdb_id2entry_put: mdb_put failed: MDB_MAP_FULL: Environment mapsize limit reached(-30792) "cn=w
indows hosts,cn=groups,dc=$ldap_base"
Aug 22 11:43:23 backup02.domain.net slapd[28307]: conn=1019 op=1 RESULT tag=103 err=80 text=entry update failed
===

This has been reported e.g. here:
https://www.mail-archive.com/openldap-technical@openldap.org/msg25747.html


The same ldif shows that since Bug #48545 we adjusted replication.py to behave more efficient for uniqueMember:

=============================
dn:cn=Windows Hosts,cn=groups,$ldap_base
changetype:modify
replace:entryCSN
entryCSN:SOMEVALUE
-
replace:memberUid
memberUid:MEMBER1
...
memberUid:MEMBER18993
-
replace:modifyTimestamp
modifyTimestamp:SOMEVALUE

dn:cn=Windows Hosts,cn=groups,$ldap_base
changetype:modify
replace:entryCSN
entryCSN:SOMEVALUE
-
delete:uniqueMember
uniqueMember:cn=SOMERDN1,cn=computers,ou=SOMEOU,$ldap_base
-
add:uniqueMember
uniqueMember:cn=SOMERDN2,cn=computers,ou=SOMEOU,$ldap_base
-
replace:modifyTimestamp
modifyTimestamp:SOMEVALUE
=============================
First Last Prev Next    This bug is not in your last search results.