automatically re-start LDAP in case of crash

[Albrecht Dreß]

Hi Gunnar!

Quoting Gunnar Wrobel <wrobel at pardus.de>:
> Yes. You could either attach this or directly place it in the wiki   
> (which is what I would do with it). As mentioned we don't have   
> monitoring in the Kolab Server at the moment and I guess we are not   
> going to add it in the near future so it should remain an optional  
> add  on which we currently document in the wiki.

Will do that during the weekend (hopefully, if I can resolve the fb  
bug), stay tuned...

> In principle it would be good to understand why the slapd fails though :)

I agree!  Unfortunately, the openldap mailing list wasn't really  
helpful - it has a few references to this type of crash, but not a  
real solution.

> I don't know much about SElinux. DOes it have loggging and does the   
> LDAP crash coincide with a SElinux event?

Well, I have only "half" policies for the Kolab stuff, derived from  
the Ubuntu Hardy reference policies.  Basically, my policies put the  
stuff which lives in a non-standard place (like /kolab/bin instead of  
/usr/bin) into the right domains, and adds rules for the extra  
processes.  Still unfinished, as I mentioned, though. :-(

I had SELinux running in permissive mode, with the dontaudit rules  
being disabled, and also auditd running.  No, there were no SELinux  
events, but I don't know if the dontaudit rules were /really/  
disabled.  E.g. during a SELinux training with one of the Gurus (Ralf  
Spenneberg) we ran into a strange Apache crash on Debian, caused by  
nscd.  It's a truly complicated beast!

Cheers, Albrecht.