LDAP fails after Ubuntu upgrade to 12.04

ldap, openldap, slapd

I have upgraded Ubuntu from 10.4 to 12.04. After it was done, the LDAP service is stopped and fails to start again! Now none of the other services function! 🙁

I checked error logs and found this:

Feb 22 11:52:40 atom-lan slapd[9417]: @(#) $OpenLDAP: slapd  (Sep 19 2013 22:39:38) $#012#011buildd@panlong:/build/buildd/openldap-2.4.28/debian/build/servers/slapd
Feb 22 11:52:40 atom-lan slapd[9417]: daemon: bind(9) failed errno=13 (Permission denied)
Feb 22 11:52:40 atom-lan slapd[9417]: slapd stopped.
Feb 22 11:52:40 atom-lan slapd[9417]: connections_destroy: nothing to destroy.
Feb 22 11:52:40 atom-lan kernel: [62956.076553] type=1400 audit(1393066360.532:44): apparmor="DENIED" operation="mknod" parent=9404 profile="/usr/sbin/slapd" name="/run/slapd/ldapi" pid=9417 comm="slapd" requested_mask="c" denied_mask="c" fsuid=0 ouid=0

There are some solutions regarding this error, such as regenerating the certificate and disabling TLS and something like that, but there is no TLS enabled for LDAP on this server!

ldap.conf contains:

ldap_version 3
base dc=example,dc=com
uri ldapi:///
rootbinddn uid=passwd,ou=system-accounts,dc=example,dc=com
pam_password exop

If more information is needed, just let me know to update the question.

I would be grateful if someone could help me solve it as soon as possible.

UPDATE:

The last lines of the output of the command "$ slapd -d 16383":

5308b574 unable to open pid file "/var/run/slapd/slapd.pid": 13 (Permission denied)
5308b574 slapd destroy: freeing system resources.
5308b574 slapd stopped.
5308b574 connections_destroy: nothing to destroy.

Best Answer

The second line of your log says that slapd cannot bind to one of its sockets:

slapd[9417]: daemon: bind(9) failed errno=13 (Permission denied)

And the last line shows that the problem is caused by AppArmor:

kernel: [62956.076553] type=1400 audit(1393066360.532:44): apparmor="DENIED" operation="mknod" parent=9404 profile="/usr/sbin/slapd" name="/run/slapd/ldapi" pid=9417 comm="slapd" requested_mask="c" denied_mask="c" fsuid=0 ouid=0

So this needs to be fixed in the AppArmor policy for slapd, either by Ubuntu or manually.

(and I have no idea where you got the whole TLS certificate thing from)
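
One way to turn the AppArmor denial quoted in the answer into a candidate profile rule, as an added example that is not part of the original question or answer: it parses `apparmor="DENIED"` audit records and proposes the file rule each one needs. The function names and the mask-to-permission table are this example's own, and the sample log is constructed from the lines quoted above.

```python
import re
from collections import defaultdict

# Constructed sample: the kernel audit record quoted in the question, plus one
# unrelated syslog line that must be ignored.
SAMPLE_LOG = '''\
Feb 22 11:52:40 atom-lan slapd[9417]: daemon: bind(9) failed errno=13 (Permission denied)
Feb 22 11:52:40 atom-lan kernel: [62956.076553] type=1400 audit(1393066360.532:44): apparmor="DENIED" operation="mknod" parent=9404 profile="/usr/sbin/slapd" name="/run/slapd/ldapi" pid=9417 comm="slapd" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
'''

# key=value or key="value" pairs as they appear in audit records
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Audit masks are finer-grained than the profile language: create (c) and
# delete (d) are both granted by "w" in a profile rule.
MASK_TO_PERM = {"c": "w", "d": "w"}
PERM_ORDER = "rwaxmkl"


def parse_denials(log_text):
    """Return the fields of every AppArmor DENIED record that names a path."""
    denials = []
    for line in log_text.splitlines():
        fields = {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
                  for m in FIELD_RE.finditer(line)}
        if fields.get("apparmor") == "DENIED" and "name" in fields and "denied_mask" in fields:
            denials.append(fields)
    return denials


def suggest_rules(log_text):
    """Map each confined profile to the file rules that cover its denials."""
    perms = defaultdict(set)
    for d in parse_denials(log_text):
        for ch in d["denied_mask"]:
            perms[(d["profile"], d["name"])].add(MASK_TO_PERM.get(ch, ch))
    rules = defaultdict(list)
    for (profile, path), granted in sorted(perms.items()):
        mode = "".join(c for c in PERM_ORDER if c in granted)
        rules[profile].append(f"{path} {mode},")
    return dict(rules)


if __name__ == "__main__":
    for profile, lines in suggest_rules(SAMPLE_LOG).items():
        print(f"# profile {profile}")
        print("\n".join(lines))
```

A proposed rule should be reviewed before it is added to the profile named in the record, and the profile has to be reloaded for the change to take effect.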