1

Topic: problem post power-cut

==== Provide basic information to help troubleshoot ====
- iRedMail version: 0.7.3
- Linux/BSD distribution name and version: fbsd 8.2
- Any related log? Log is helpful for troubleshooting.
====

Hello.
Yesterday, i just installed a reverse proxy in front of email server (iredmail machine). Just after, a power-cut arrived.
After reboot,  iredmail machine does't work :
- webpages works (  myip/mail, myip/iredadmin), but i cannot login with no one (in localhost or with internet):
for myip/mail : it says login failed.
for myip/iredadmin: it says server is down, please contact admin

I don't know if the problem result of power cut or reverse proxy (or both?).
Reverse proxy woks perfectly with other domains.

Maybe it because i do a bad port redirection :
443 => reverse proxy
25=> redmail machine
...

sometimes, a pop-up appears and says :
mail postfix/trivial-rewrite[XXXX]: fatal: proxy ldap:/usr/local/etc/postix/ldap/virtual_mailbox_domains.cf(0),lock:fold_fix): table lookup problem

If someone can help me.... i am lost!

2

Re: problem post power-cut

It seems OpenLDAP was not running on iRedMail server, please fix it first. Then webmail and iRedAdmin should be back.

3 (edited by goraxmax 2011-10-27 05:14:31)

Re: problem post power-cut

Good evening,
at the boot of fbsd (which contain iredmail)
i have no errors corresponding with openldap : it says "Starting SLAPD"
There is just one warning :
postfi/postfix-script : warning  /var/spool/postfx/etc/resolv.conf and /etc/resolv.conf differ
the line after, it says :
postfix/postfix-script: starting the Postfix mail system.

Just below the log of ldap
"
Oct 3 XX:XX:XX mail slapd[XXX]: @(#) $OpenLDAP: slapd 2.4.XX (Oct 2 2011 17:26:27)  $ root@mail.iredmail.org:/usr/ports/net/openldap24-server/work/openldap-2.4.XX/servers/slapd
"
I see no problems on this line (but i am not expert)

What can i do?

4

Re: problem post power-cut

iRedmail machine was offline for 3 days. Now I noticed that the clamAV deamon will not start. Log says DB is malformed, and hence Clam will not start

5

Re: problem post power-cut

clamav is running for me.
but when i try to start slapd (/usr/local/etc/rc.d/slapd start), there is no warning to alert if slapd is running or not.
so i did this commandline "slaptest" and it says
"  bdb_bd_open: database "dc=XXX,dc=XX" cannot be opened, err 22. Restore from backup!
backend_startup_one (type=bdb, suffix="dc=XXX,dc=XX"): bi_db_open failed (22)

we progress smile

an idea to repair?

6

Re: problem post power-cut

linusaurus wrote:

iRedmail machine was offline for 3 days. Now I noticed that the clamAV deamon will not start. Log says DB is malformed, and hence Clam will not start

You should post issue here earlier, so that others can help you.

7

Re: problem post power-cut

goraxmax wrote:

but when i try to start slapd (/usr/local/etc/rc.d/slapd start), there is no warning to alert if slapd is running or not.
so i did this commandline "slaptest" and it says
"  bdb_bd_open: database "dc=XXX,dc=XX" cannot be opened, err 22. Restore from backup!
backend_startup_one (type=bdb, suffix="dc=XXX,dc=XX"): bi_db_open failed (22)

Seems there's something wrong with LDAP data, try to repaire it with command "slapd_db_recover".

Recovery summary:

- Make sure OpenLDAP is not running.
- Copy whole directory of LDAP data as a backup. It should be /var/db/openldap-data on FreeBSD.
- Run command slapd_db_recover to recovery LDAP data:

# slapd_db_recover -v -h /var/lib/ldap

- Try to start OpenLDAP service.

P.S. Do not forget to backup you OpenLDAP data with cron job: http://iredmail.org/wiki/index.php?titl … FAQ/Backup

8

Re: problem post power-cut

Thanks for the response, but i am not out of this problem smile

i checked if openldap was not running,
i copied the dorectory /var/db/openldap-data
the problem is command "slapd_bd_recover" do not work (the command /usr/sbin/slapd_db_recover do not work too)
:s.  Fbsd says : command  not found
i am looking for a command line which exist in freebsd but not found at this time :s

9

Re: problem post power-cut

Oops, my mistake, the command should be:

# slapd_db_recover -v -h /var/db/openldap-data/

Did you try to use absolute path instead of just command name? for example, /usr/local/sbin/slapd_db_recover, or /usr/local/libexec/slapd_db_recover.

10

Re: problem post power-cut

Hello,
the commands do not work :
# slapd_db_recover -v -h /var/db/openldap-data/
or with the 2 pathnames :
/usr/local/sbin/slapd_db_recover,
or /usr/local/libexec/slapd_db_recover.

:s

i have check my sqldatabase :

mysqlcheck --force -repair -u root -p -A

with some tables i have "OK", with other tables i have this response:
" the storage engine for the table doesn't support repair roundcubemail.contactgroupmenbers"
or " the storage engine for the table doesn't support repair roundcubemail.contactgroups"
or " the storage engine for the table doesn't support repair roundcubemail.contact"
or " the storage engine for the table doesn't support repair roundcubemail.identities"
or " the storage engine for the table doesn't support repair roundcubemail.mesages"
or " the storage engine for the table doesn't support repair roundcubemail.session"
...

I don't know if it can help you but i prefer to inform.

Have you somes advices for me?
thanks smile

11

Re: problem post power-cut

Well, what's the problem now? Do you have OpenLDAP running? Any related error log?

12 (edited by goraxmax 2011-11-02 14:07:53)

Re: problem post power-cut

Hello,
the openldap not running ever....
log is ever :
"Oct 3 XX:XX:XX mail slapd[XXX]: @(#) $OpenLDAP: slapd 2.4.XX (Oct 2 2011 17:26:27)  $ root@mail.iredmail.org:/usr/ports/net/openldap24-server/work/openldap-2.4.XX/servers/slapd"

and  command line 
slapd_db_recover
do not exist on freebsd :s

13

Re: problem post power-cut

Please set "loglevel 256" in OpenLDAP config file,  restart OpenLDAP service, then check its log file /var/log/openldap.log, paste related error log here to help troubleshoot.

14

Re: problem post power-cut

Hello,
i have change ldpa.conf to loglevel256

the log are juste below
"Oct 26 21:28:28 mail slapd: slap_destroy(): undefined mode (0).
Oct 26 21:28:28 mail slapd: lt_dlexit failed: library already shutdown
Oct 26 21:28:28 mail slapd: slapd stopped.
Oct 26 21:28:28 mail slapd: connections_destroy: nothing to destroy.
Oct 26 21:28:36 mail slapd: slapd stopped.
Oct 26 21:28:36 mail slapd: connections_destroy: nothing to destroy.
Oct 26 21:28:46 mail slapd: slap_destroy(): undefined mode (0).
Oct 26 21:28:46 mail slapd: lt_dlexit failed: library already shutdown
Oct 26 21:28:46 mail slapd: slapd stopped.
Oct 26 21:28:46 mail slapd: connections_destroy: nothing to destroy."

and
"Nov  2 16:19:26 mail slapd[702]: @(#) $OpenLDAP: slapd 2.4.26 (Oct  2 2011 17:26:27) $     root@mail.iredmail.org:/usr/ports/net/openldap24-server/work/openldap-2.4.26/servers/slapd

Nov  2 16:19:27 mail slapd[703]: bdb_db_open: database "dc=XXX,dc=XX" cannot be opened, err 22. Restore from backup!

Nov  2 16:19:27 mail slapd[703]: bdb(dc=XXX,dc=XX): txn_checkpoint interface requires an environment configured for the transaction subsystem

Nov  2 16:19:27 mail slapd[703]: bdb_db_close: database "dc=XXX,dc=XX": txn_checkpoint failed: Invalid argument (22).

Nov  2 16:19:27 mail slapd[703]: backend_startup_one (type=bdb, suffix="dc=XXX,dc=XX"): bi_db_open failed! (22)

Nov  2 16:19:27 mail slapd[703]: bdb_db_close: database "dc=XXX,dc=XX": alock_close failed

Nov  2 16:19:27 mail slapd[703]: slapd stopped.

Nov  2 19:05:17 mail slapd[712]: @(#) $OpenLDAP: slapd 2.4.26 (Oct  2 2011 17:26:27) $     root@mail.iredmail.org:/usr/ports/net/openldap24-server/work/openldap-2.4.26/servers/slapd

Nov  2 19:05:18 mail slapd[713]: bdb_db_open: database "dc=XXX,dc=XX" cannot be opened, err 22. Restore from backup!

Nov  2 19:05:18 mail slapd[713]: bdb(dc=XXX,dc=XX): txn_checkpoint interface requires an environment configured for the transaction subsystem

Nov  2 19:05:18 mail slapd[713]: bdb_db_close: database "dc=XXX,dc=XX": txn_checkpoint failed: Invalid argument (22).

Nov  2 19:05:18 mail slapd[713]: backend_startup_one (type=bdb, suffix="dc=XXX,dc=XX"): bi_db_open failed! (22)

Nov  2 19:05:18 mail slapd[713]: bdb_db_close: database "dc=XXX,dc=XX": alock_close failed

Nov  2 19:05:18 mail slapd[713]: slapd stopped.

Nov  2 19:44:03 mail slapd[702]: @(#) $OpenLDAP: slapd 2.4.26 (Oct  2 2011 17:26:27) $     root@mail.iredmail.org:/usr/ports/net/openldap24-server/work/openldap-2.4.26/servers/slapd

Nov  2 19:44:03 mail slapd[703]: bdb_db_open: database "dc=XXX,dc=XX" cannot be opened, err 22. Restore from backup!

Nov  2 19:44:03 mail slapd[703]: bdb(dc=XXX,dc=XX): txn_checkpoint interface requires an environment configured for the transaction subsystem

Nov  2 19:44:03 mail slapd[703]: bdb_db_close: database "dc=XXX,dc=XX": txn_checkpoint failed: Invalid argument (22).

Nov  2 19:44:03 mail slapd[703]: backend_startup_one (type=bdb, suffix="dc=XXX,dc=XX"): bi_db_open failed! (22)

Nov  2 19:44:03 mail slapd[703]: bdb_db_close: database "dc=XXX,dc=XX": alock_close failed

Nov  2 19:44:03 mail slapd[703]: slapd stopped."

What should i do?

smile

15

Re: problem post power-cut

goraxmax wrote:

Nov  2 16:19:27 mail slapd[703]: bdb_db_close: database "dc=XXX,dc=XX": txn_checkpoint failed: Invalid argument (22).

It reports an issue of OpenLDAP setting "checkpoint", did you modify OpenLDAP config file?
Could you please paste whole slapd.conf here? REMOVE rootdn and rootpw before posting.

Also, a reference of "checkpoint":
http://www.zytrax.com/books/ldap/ch6/bd … checkpoint

16

Re: problem post power-cut

I did not modify slapd.conf file.

just below the entire file
"
#

# File generated by iRedMail (2011.10.02.19.40.17):

#

# Version:  0.7.3

# Project:  http://www.iredmail.org/

#

# Community: http://www.iredmail.org/forum/

#



# Schemas.

include     /usr/local/etc/openldap/schema/core.schema

include     /usr/local/etc/openldap/schema/corba.schema

include     /usr/local/etc/openldap/schema/cosine.schema

include     /usr/local/etc/openldap/schema/inetorgperson.schema

include     /usr/local/etc/openldap/schema/nis.schema

# Integrate Amavisd-new.

include     /usr/local/etc/openldap/schema/amavisd-new.schema

# Schema provided by iRedMail.

include     /usr/local/etc/openldap/schema/iredmail.schema



# Where the pid file is put. The init.d script will not stop the

# server if you change this.

pidfile     /var/run/openldap/slapd.pid



# List of arguments that were passed to the server

argsfile    /var/run/openldap/slapd.args



# TLS files.

TLSCACertificateFile /etc/ssl/certs/XXXXXXXX
TLSCertificateFile /etc/ssl/certs/XXXXXXXX
TLSCertificateKeyFile /etc/ssl/private/XXXXXX


# Modules.

modulepath  /usr/local/libexec/openldap

moduleload  back_bdb



# Disallow bind as anonymous.

disallow    bind_anon



# Uncomment below line to allow binding as anonymouse.

#allow bind_anon_cred



# Specify LDAP protocol version.

require     LDAPv3

#allow       bind_v2



# Log level.

#   -1:     enable all debugging

#    0:     no debugging

#   128:    access control list processing

#   256:    stats log connections/operations/results

loglevel    256

#0 plop

#

# Access Control List. Used for LDAP bind.

#

# NOTE: Every domain have a administrator. e.g.

#   Domain Name: 'XXXXX'

#   Admin Name: mail=postmaster@XXXXX, domainName=XXXXXX, o=XXXXX,dc=XXXXX,dc=XX

#



# Personal LDAP address book.

access to dn.regex="cn=[^,]+,mail=([^,]+)@([^,]+),ou=Users,domainName=([^,]+),o=domains,dc=XXXXXXXX,dc=XX$"

    by anonymous                    none

    by self                         none

    by dn.exact="cn=vmail,dc=XXXXXXXX,dc=XX"   read

    by dn.exact="cn=vmailadmin,dc=XXXXXXXX,dc=XX"  write

    by dn.regex="mail=$1@$2,ou=Users,domainName=$3,o=domains,dc=XXXXXXXX,dc=XX$" write

    by users                        none



# Allow users to change their own passwords and mail forwarding addresses.

access to attrs="userPassword,mailForwardingAddress"

    by anonymous    auth

    by self         write

    by dn.exact="cn=vmail,dc=XXXXXXXX,dc=XX"   read

    by dn.exact="cn=vmailadmin,dc=XXXXXXXX,dc=XX"  write

    by users        none



# Allow to read others public info.

access to attrs="cn,sn,gn,givenName,telephoneNumber"

    by anonymous    auth

    by self         write

    by dn.exact="cn=vmail,dc=XXXXXXXX,dc=XX"   read

    by dn.exact="cn=vmailadmin,dc=XXXXXXXX,dc=XX"  write

    by users        read



# Domain attrs.

access to attrs="objectclass,domainName,mtaTransport,enabledService,domainSenderBccAddress,domainRecipientBccAddress,domainBackupMX,domainMaxQuotaSize,domainMaxUserNumber"

    by anonymous    auth

    by self         read

    by dn.exact="cn=vmail,dc=XXXXXXXX,dc=XX"   read

    by dn.exact="cn=vmailadmin,dc=XXXXXXXX,dc=XX"  write

    by users        read



access to attrs="domainAdmin,domainGlobalAdmin,domainSenderBccAddress,domainRecipientBccAddress"

    by anonymous    auth

    by self         read

    by dn.exact="cn=vmail,dc=XXXXXXXX,dc=XX"   read

    by dn.exact="cn=vmailadmin,dc=XXXXXXXX,dc=XX"  write

    by users        none



# User attrs.

access to attrs="employeeNumber,homeDirectory,mailMessageStore,mail,accountStatus,userSenderBccAddress,userRecipientBccAddress,mailQuota,backupMailAddress,shadowAddress"

    by anonymous    auth

    by self         read

    by dn.exact="cn=vmail,dc=XXXXXXXX,dc=XX"   read

    by dn.exact="cn=vmailadmin,dc=XXXXXXXX,dc=XX"  write

    by users        read



#

# Set ACL for vmail/vmailadmin.

#

access to dn="cn=vmail,dc=XXXXXXXX,dc=XX"

    by anonymous                    auth

    by self                         write

    by dn.exact="cn=vmailadmin,dc=XXXXXXXX,dc=XX"  write

    by users                        none



access to dn="cn=vmailadmin,dc=XXXXXXXX,dc=XX"

    by anonymous                    auth

    by self                         write

    by users                        none



#

# Allow users to access their own domain subtree.

# Allow domain admin to modify accounts under same domain.

#

access to dn.regex="domainName=([^,]+),o=domains,dc=XXXXXXXX,dc=XX$"

    by anonymous                    auth

    by self                         write

    by dn.exact="cn=vmail,dc=XXXXXXXX,dc=XX"   read

    by dn.exact="cn=vmailadmin,dc=XXXXXXXX,dc=XX"  write

    by dn.regex="mail=[^,]+@$1,o=domainAdmins,dc=XXXXXXXX,dc=XX$" write

    by dn.regex="mail=[^,]+@$1,ou=Users,domainName=$1,o=domains,dc=XXXXXXXX,dc=XX$" read

    by users                        none



#

# Grant correct privileges to vmail/vmailadmin.

#

access to dn.subtree="o=XXXXX,dc=XXXXXXXX,dc=XX"

    by anonymous                    auth

    by self                         write

    by dn.exact="cn=vmail,dc=XXXXXXXX,dc=XX"   read

    by dn.exact="cn=vmailadmin,dc=XXXXXXXX,dc=XX"  write

    by dn.regex="mail=[^,]+,ou=Users,domainName=$1,o=domains,dc=XXXXXXXX,dc=XX$" read

    by users                        read



access to dn.subtree="o=domainAdmins,dc=XXXXXXXX,dc=XX"

    by anonymous                    auth

    by self                         write

    by dn.exact="cn=vmail,dc=XXXXXXXX,dc=XX"   read

    by dn.exact="cn=vmailadmin,dc=XXXXXXXX,dc=XX"  write

    by users                        none



#

# Set permission for "cn=*,dc=XXXXXXXX,dc=XX".

#

access to dn.regex="cn=[^,]+,dc=XXXXXXXX,dc=XX"

    by anonymous                    auth

    by self                         write

    by users                        none



#

# Set default permission.

#

access to *

    by anonymous                    auth

    by self                         write

    by users                        read



#######################################################################

# BDB database definitions

#######################################################################



database    bdb

suffix      dc=XXXXXXXX,dc=XX

directory   /var/db/openldap-data/XXXXXXXX.XX



rootdn      cn=Manager,dc=XXXXXXXX,dc=XX

rootpw      XXXXXXXXXXXXXXXX



sizelimit   1000

cachesize   1000



#

# Set directory permission.

#

mode        0700



#

# Default index.

#

index objectClass                                   eq,pres

index uidNumber,gidNumber,uid,memberUid,loginShell  eq,pres

index homeDirectory,mailMessageStore                eq,pres

index ou,cn,mail,surname,givenname,telephoneNumber  eq,pres,sub

index nisMapName,nisMapEntry                        eq,pres,sub

index shadowLastChange                              eq,pres



#

# Index for mail attrs.

#

# ---- Domain related ----

index domainName,mtaTransport,accountStatus,enabledService  eq,pres,sub

index domainAliasName    eq,pres,sub

index domainMaxUserNumber eq,pres

index domainAdmin,domainGlobalAdmin,domainBackupMX    eq,pres,sub

index domainSenderBccAddress,domainRecipientBccAddress  eq,pres,sub

# ---- Group related ----

index accessPolicy,hasMember,listAllowedUser   eq,pres,sub

# ---- User related ----

index mailForwardingAddress,shadowAddress   eq,pres,sub

index backupMailAddress,memberOfGroup   eq,pres,sub

index userRecipientBccAddress,userSenderBccAddress  eq,pres,sub
"
This file help you to anderstand what is broken?


As i have some problem when i tried to check my sql table ("mysqlcheck --force -repair -u root -p -A"), i suppose ldap can't start because somes tables are corrupted. but id'ont know how to repair it and if take the good point or not.

"
mysqlcheck --force -repair -u root -p -A

with some tables i have "OK", with other tables i have this response:
" the storage engine for the table doesn't support repair roundcubemail.contactgroupmenbers"
or " the storage engine for the table doesn't support repair roundcubemail.contactgroups"
or " the storage engine for the table doesn't support repair roundcubemail.contact"
or " the storage engine for the table doesn't support repair roundcubemail.identities"
or " the storage engine for the table doesn't support repair roundcubemail.mesages"
or " the storage engine for the table doesn't support repair roundcubemail.session"
...
"

I 'am goint to check your link.
Thanks a lot.
goraxmax