slurpd(8)

NAME

slurpd - Standalone LDAP Update Replication Daemon

SYNOPSIS

/usr/lib/openldap/slurpd  [-d  debug-level] [-f slapd-con
fig-file] [-r slapd-replog-file] [-t  temp-dir]  [-o]  [-k
srvtab-file]

DESCRIPTION

Slurpd is used to propagate changes from one slapd database to another. If slapd is configured to produce a
replication log, slurpd reads that replication log and sends the changes to the slave slapd instances via the
LDAP protocol. slurpd is typically invoked at boot time, usually out of /etc/rc.local.

Upon startup, slurpd normally forks and disassociates itself from the invoking tty, then reads the replication
log (given either by the replogfile directive in the slapd config file, or by the -r command-line option). If the
replication log file does not exist or is empty, slurpd goes to sleep. It periodically wakes up and checks to see
if there are any changes to be propoagated.

When slurpd notices that there are changes to propagate to slave slapd instances, it locks the replication log, makes
its own private copy, releases the lock, and forks one
copy of itself for each replica slapd to be updated. Each
child process binds to the slave slapd as the DN given by
the binddn option to the replica directive in the slapd config file, and sends the changes.

See slapd(8) for details on the standalone LDAP daemon.

Note that slurpd reads replication directive from slapd.conf(5), but uses ldap.conf(5) to obtain other con figuration settings (such as TLS settings).

OPTIONS

-d debug-level: Turn on debugging as defined by debug-level. If this option is specified, even with a zero argu
ment, slurpd will not fork or disassociate from the invoking terminal. Some general operation and sta
tus messages are printed for any value of
debug-level. debug-level is taken as a bit string, with each bit corresponding to a different kind of
debugging information. See <ldap.h> for details.
-f slapd-config-file: Specifies the slapd configuration file. The
default is /etc/openldap/slapd.conf.
-r slapd-replog-file: Specifies the name of the slapd replication log
file. Normally, the name of the replication log
file is read from the slapd configuration file.
The file should be located in a directory with lim
ited read/write/execute access. The -r option
allows you to override this. In conjunction with
the -o option, you can process a replication log
file in a "one-shot" mode. For example, if slurpd has encountered errors in processing a replication
log, you can run it in one-shot mode and give the
rejection file name as the argument to the -r
option, once you've resolved the problem which
caused the replication to fail.
-o Run in "one-shot" mode. Normally, slurpd processes: the replog file and then watches for more replica
tion entries to be appended. In one-shot mode,
slurpd processes a replication log and exits.
-t temp-dir: slurpd copies the replication log to a working directory before processing it. The directory per
missions should limit read/write/execute access as
temporary files may contain sensitive information.
This option allows you to specify the location of
these temporary files. The default is
/var/run/slapd/openldap-slurp.
-k srvtab-file: Specify the location of the kerberos srvtab file
which contains keys for the replica slapd
instances. Overrides the srvtab argument to the
replica directive in the slapd configuration file.

EXAMPLES

To start slurpd and have it fork and detach from the ter minal and process the replication logs generated by slapd, just type:: /usr/lib/openldap/slurpd
To start slurpd with an alternate slapd configuration file, and turn on voluminous debugging which will be printed on standard error, type:: /usr/lib/openldap/slurpd -f /etc/openldap/slapd.conf; -d 255

ACKNOWLEDGEMENTS

OpenLDAP is developed and maintained by The OpenLDAP Pro ject (http://www.openldap.org/). OpenLDAP is derived from University of Michigan LDAP 3.3 Release.

docs.sk

comprehensive documentation repository

See also