1# OpenLDAP: pkg/openldap-guide/admin/runningslapd.sdf,v 1.16.2.9 2010/04/13 20:22:34 kurt Exp 2# Copyright 1999-2010 The OpenLDAP Foundation, All Rights Reserved. 3# COPYING RESTRICTIONS APPLY, see COPYRIGHT. 4H1: Running slapd 5 6{{slapd}}(8) is designed to be run as a standalone service. This 7allows the server to take advantage of caching, manage concurrency 8issues with underlying databases, and conserve system resources. 9Running from {{inetd}}(8) is {{NOT}} an option. 10 11 12H2: Command-Line Options 13 14{{slapd}}(8) supports a number of command-line options as detailed 15in the manual page. This section details a few commonly used options. 16 17> -f <filename> 18 19This option specifies an alternate configuration file for slapd. 20The default is normally {{F:/usr/local/etc/openldap/slapd.conf}}. 21 22> -F <slapd-config-directory> 23 24Specifies the slapd configuration directory. The default is {{F:/usr/local/etc/openldap/slapd.d}}. 25 26If both {{EX:-f}} and {{EX:-F}} are specified, the config file will be read and converted 27to config directory format and written to the specified directory. 28If neither option is specified, slapd will attempt to read the default config 29directory before trying to use the default config file. If a valid config 30directory exists then the default config file is ignored. All of the slap tools 31that use the config options observe this same behavior. 32 33> -h <URLs> 34 35This option specifies alternative listener configurations. The 36default is {{EX:ldap:///}} which implies {{TERM:LDAP}} over 37{{TERM:TCP}} on all interfaces on the default LDAP port 389. You 38can specify specific host-port pairs or other protocol schemes (such 39as {{EX:ldaps://}} or {{EX:ldapi://}}). For example, {{EX:-h 40"ldaps:// ldap://127.0.0.1:666"}} will create two listeners: one 41for the (non-standard) {{EX:ldaps://}} scheme on all interfaces on 42the default {{EX:ldaps://}} port 636, and one for the standard 43{{EX:ldap://}} scheme on the {{EX:localhost}} ({{loopback}}) interface 44on port 666. Hosts may be specified using using hostnames or 45{{TERM:IPv4}} or {{TERM:IPv6}} addresses. Port values must be 46numeric. 47 48> -n <service-name> 49 50This option specifies the service name used for logging and 51other purposes. The default service name is {{EX:slapd}}. 52 53> -l <syslog-local-user> 54 55This option specifies the local user for the {{syslog}}(8) 56facility. Values can be {{EX:LOCAL0}}, {{EX:LOCAL1}}, {{EX:LOCAL2}}, ..., 57and {{EX:LOCAL7}}. The default is {{EX:LOCAL4}}. This option 58may not be supported on all systems. 59 60> -u user -g group 61 62These options specify the user and group, respectively, to run 63as. {{EX:user}} can be either a user name or uid. {{EX:group}} 64can be either a group name or gid. 65 66> -r directory 67 68This option specifies a run-time directory. slapd will 69{{chroot}}(2) to this directory after opening listeners but 70before reading any configuration files or initializing 71any backends. 72. 73 74> -d <level> | ? 75 76This option sets the slapd debug level to <level>. When level is a 77`?' character, the various debugging levels are printed and slapd 78exits, regardless of any other options you give it. Current 79debugging levels are 80 81!block table; colaligns="RL"; align=Center; \ 82 title="Table 7.1: Debugging Levels" 83Level Keyword Description 84-1 any enable all debugging 850 no debugging 861 (0x1 trace) trace function calls 872 (0x2 packets) debug packet handling 884 (0x4 args) heavy trace debugging 898 (0x8 conns) connection management 9016 (0x10 BER) print out packets sent and received 9132 (0x20 filter) search filter processing 9264 (0x40 config) configuration processing 93128 (0x80 ACL) access control list processing 94256 (0x100 stats) stats log connections/operations/results 95512 (0x200 stats2) stats log entries sent 961024 (0x400 shell) print communication with shell backends 972048 (0x800 parse) print entry parsing debugging 9816384 (0x4000 sync) syncrepl consumer processing 9932768 (0x8000 none) only messages that get logged whatever log level is set 100!endblock 101 102You may enable multiple levels by specifying the debug option once for each desired level. Or, since debugging levels are additive, you can do the math yourself. That is, if you want to trace function calls and watch the config file being processed, you could set level to the sum of those two levels (in this case, {{EX: -d 65}}). Or, you can let slapd do the math, (e.g. {{EX: -d 1 -d 64}}). Consult {{F: <ldap_log.h>}} for more details. 103 104Note: slapd must have been compiled with {{EX:--enable-debug}} 105defined for any debugging information beyond the two stats levels 106to be available (the default). 107 108 109H2: Starting slapd 110 111In general, slapd is run like this: 112 113> /usr/local/libexec/slapd [<option>]* 114 115where {{F:/usr/local/libexec}} is determined by {{EX:configure}} 116and <option> is one of the options described above (or in {{slapd}}(8)). 117Unless you have specified a debugging level (including level {{EX:0}}), 118slapd will automatically fork and detach itself from its controlling 119terminal and run in the background. 120 121H2: Stopping slapd 122 123To kill off {{slapd}}(8) safely, you should give a command like this 124 125> kill -INT `cat /usr/local/var/slapd.pid` 126 127where {{F:/usr/local/var}} is determined by {{EX:configure}}. 128 129Killing slapd by a more drastic method may cause information loss or 130database corruption. 131