On Friday, I updated one of several systems that I manage from version
1.2.11.15 to version 1.2.11.25. Thereafter, the service was unable to
start. The error indicates a problem with SSL that I don't understand.
I've included the relevant section from the "error" log below.
After reverting to the old package, the service starts again.
Does anyone understand this error and have a pointer on resolving it?
yum.log:
Sep 20 15:35:43 Updated: 389-ds-base-libs-1.2.11.15-22.el6_4.x86_64
Sep 20 15:36:24 Updated: 389-ds-base-1.2.11.15-22.el6_4.x86_64
Nov 22 15:03:40 Updated: 389-ds-base-libs-1.2.11.25-1.el6.x86_64
Nov 22 15:05:17 Updated: 389-ds-base-1.2.11.25-1.el6.x86_64
error:
[22/Nov/2013:15:05:08 -0800] - check_and_set_import_cache: pagesize:
4096, pages: 980670, procpages: 52580
[22/Nov/2013:15:05:08 -0800] - Import allocates 1569072KB import cache.
[22/Nov/2013:15:05:08 -0800] Upgrade DN Format - userRoot: Start upgrade
dn format.
[22/Nov/2013:15:05:08 -0800] Upgrade DN Format - Instance userRoot in
/var/lib/dirsrv/slapd-master1/db/userRoot is up-to-date
[22/Nov/2013:15:05:14 -0800] - 389-Directory/1.2.11.25 B2013.325.1951
starting up
[22/Nov/2013:15:05:15 -0800] slapd_get_unlocked_key_for_cert - Error:
could not find any unlocked slots for certificate
[E=postmaster@xxxxxxx,CN=mail.xxx.com,O=xxx,
L=Seattle,ST=Washington,C=US,OID.2.5.4.13=5t6jP8FugTLuYrW8]. Please
review your TLS/SSL configuration. The following slots were found:
[22/Nov/2013:15:05:15 -0800] slapd_get_unlocked_key_for_cert - Slot [NSS
User Private Key and Certificate Services] token [Internal (Software)
Token] was locked.
[22/Nov/2013:15:05:15 -0800] - Can't get private key from cert
Server-Cert in attrcrypt_fetch_private_key: -8049 - Unrecognized Object
IDentifier.
[22/Nov/2013:15:05:15 -0800] - Error: unable to initialize attrcrypt
system for userRoot
[22/Nov/2013:15:05:16 -0800] - start: Failed to start databases, err=-1
Unknown error: -1
[22/Nov/2013:15:05:16 -0800] - Failed to start database plugin ldbm database
[22/Nov/2013:15:05:16 -0800] - WARNING: ldbm instance userRoot already
exists
[22/Nov/2013:15:05:16 -0800] - ldbm_config_read_instance_entries: failed
to add instance entry cn=userRoot,cn=ldbm database,cn=plugins,cn=config
[22/Nov/2013:15:05:16 -0800] - ldbm_config_load_dse_info: failed to read
instance entries
[22/Nov/2013:15:05:16 -0800] - start: Loading database configuration failed
[22/Nov/2013:15:05:16 -0800] - Failed to start database plugin ldbm database
[22/Nov/2013:15:05:16 -0800] - Error: Failed to resolve plugin dependencies
[22/Nov/2013:15:05:16 -0800] - Error: preoperation plugin 7-bit check is
not started
[22/Nov/2013:15:05:16 -0800] - Error: preoperation plugin Account
Usability Plugin is not started
[22/Nov/2013:15:05:16 -0800] - Error: accesscontrol plugin ACL Plugin is
not started
[22/Nov/2013:15:05:16 -0800] - Error: preoperation plugin ACL
preoperation is not started
[22/Nov/2013:15:05:16 -0800] - Error: preoperation plugin Auto
Membership Plugin is not started
[22/Nov/2013:15:05:16 -0800] - Error: object plugin Class of Service is
not started
[22/Nov/2013:15:05:16 -0800] - Error: preoperation plugin deref is not
started
[22/Nov/2013:15:05:16 -0800] - Error: preoperation plugin HTTP Client is
not started
[22/Nov/2013:15:05:16 -0800] - Error: database plugin ldbm database is
not started
[22/Nov/2013:15:05:16 -0800] - Error: object plugin Legacy Replication
Plugin is not started
[22/Nov/2013:15:05:16 -0800] - Error: preoperation plugin Linked
Attributes is not started
[22/Nov/2013:15:05:16 -0800] - Error: preoperation plugin Managed
Entries is not started
[22/Nov/2013:15:05:16 -0800] - Error: object plugin Multimaster
Replication Plugin is not started
[22/Nov/2013:15:05:16 -0800] - Error: preoperation plugin Pass Through
Authentication is not started
[22/Nov/2013:15:05:16 -0800] - Error: object plugin Roles Plugin is not
started
[22/Nov/2013:15:05:16 -0800] - Error: object plugin Views is not started
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
