Bug 47196 – Change default ldap/debug/level from 0 to "none" to log critical messages

Bug 47196 - Change default ldap/debug/level from 0 to "none" to log critical messages


Summary:	Change default ldap/debug/level from 0 to "none" to log critical messages

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	LDAP
Version:	UCS 4.3
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.3-1-errata
Assigned To:	Arvid Requate
QA Contact:	Felix Botner

URL:	http://www.zytrax.com/books/ldap/ch6/
Keywords:

Depends on:	47356
Blocks:	55121 47452 47639
	Show dependency tree / graph

Reported:	2018-06-14 17:15 CEST by Arvid Requate
Modified:	2022-08-22 14:37 CEST (History)
CC List:	5 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?:	2: Will only affect a few installed domains
How will those affected feel about the bug?:	5: Blocking further progress on the daily work
User Pain:	0.286
Enterprise Customer affected?:	Yes
School Customer affected?:	Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:	2018051721000486
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Arvid Requate

2018-06-14 17:15:17 CEST

When the lmdb backend database reaches its maxsize and the slapd cannot perform a write request it simply terminates itself. With the standard log level of "0", there is actually no log message about the event and the reason.

The slaps.conf manpage says: "In fact, if loglevel is set to 0, no logging occurs, so at least the none level is required to have high priority messages logged."


So we should probably change the default loglevel from 0 to "none" (or its integer representation).



The "LDAP for Rocket Scientists" book by Zytrax explicitly says:

32768 | 0x8000 | none : A misnomer - it will log messages that are not categorized - specifically including critical messages.

Comment 1 Felix Botner

2018-06-29 11:21:29 CEST

argh, we have many LDAP_DEBUG_ANY calls in our overlays

-> pwd
.../svn/patches/openldap/4.3-0-0-ucs/2.4.45+dfsg-1~bpo9+1
-> grep LDAP_DEBUG *| wc -l
68

which means there is quite a bit of (unnecessary) logging with "loglevel 32768"

-> cat /var/log/syslog| grep slapd| wc -l
8551

after creating 1000 users.

So i think we should fix the logging in our overlays first.

Comment 2 Arvid Requate

2018-07-11 09:18:50 CEST

Yes, I also needed to change slapd log levels in connection.c and in the constraint overlay.


r18189 | Fix debug levels in Unviention slapd overlays
d3ffd3d141 | Advisory for OpenLDAP
e040bc7256 | univention-ldap-server.postinst
a9c8aa57d1 | Advisory for univention-ldap
r18190 | Avoid LDAP_DEBUG_NONE and LDAP_DEBUG_ANY if not critical
68178976fb | Advisory-update for OpenLDAP

Comment 3 Felix Botner

2018-07-16 11:34:35 CEST

OK - ldap/debug/level default and update
OK - log level in overlays
OK - logging of critical errors

OK - openldap yaml
OK - univention-ldap yaml

Comment 4 Erik Damrose

2018-07-18 12:20:37 CEST

I was informed that the test results since rebuilding the openldap package are showing problems. I am reopening this bug until this is cleared. Otherwise, the openlap package would be ready for release

Comment 5 Jürn Brodersen

2018-07-23 10:17:10 CEST

Bug 47356 is set to verified.

Comment 6 Felix Botner

2018-07-24 16:10:26 CEST

nothing to do here, already verified

Comment 7 Arvid Requate

2018-07-25 13:56:34 CEST

<http://errata.software-univention.de/ucs/4.3/155.html>
<http://errata.software-univention.de/ucs/4.3/156.html>