我把slapd.conf chmod 755 之後..
test# ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
ldap_bind: Can't contact LDAP server (-1)
還是一樣
test# /usr/local/libexec/slapd -u ldap -d 63 -h ldap://test.example.org:389
@(#) $OpenLDAP: slapd 2.2.8 (Apr 10 2004 11:42:48) $
snort@test.example.org:/usr/ports/net/openldap22-server/work/openldap-2.2.
8/servers/slapd
daemon_init: ldap://test.example.org:389
daemon_init: listen on ldap://test.example.org:389
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap://test.example.org:389)
daemon: initialized ldap://test.example.org:389
daemon_init: 1 listeners opened
slapd init: initiated server.
bdb_initialize: initialize BDB backend
bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
bdb_initialize: initialize BDB backend
bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
>>> dnNormalize: <cn=Subschema>
=> ldap_bv2dn(cn=Subschema,0)
<= ldap_bv2dn(cn=Subschema,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=subschema,272)=0
<<< dnNormalize: <cn=subschema>
bdb_db_init: Initializing BDB database
>>> dnPrettyNormal: <dc=test,dc=example,dc=org>
=> ldap_bv2dn(dc=test,dc=example,dc=org,0)
<= ldap_bv2dn(dc=test,dc=example,dc=org,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(dc=test,dc=example,dc=org,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(dc=test,dc=example,dc=org,272)=0
<<< dnPrettyNormal: <dc=test,dc=example,dc=org>, <dc=test,dc=example,dc=org>
>>> dnPrettyNormal: <cn=Manager,dc=test,dc=example,dc=org>
=> ldap_bv2dn(cn=Manager,dc=test,dc=example,dc=org,0)
<= ldap_bv2dn(cn=Manager,dc=test,dc=example,dc=org,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=Manager,dc=test,dc=example,dc=org,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=manager,dc=test,dc=example,dc=org,272)=0
<<< dnPrettyNormal: <cn=Manager,dc=test,dc=example,dc=org>, <cn=manager,dc=test,dc
=example,dc=org>
matching_rule_use_init
1.2.840.113556.1.4.804 (integerBitOrMatch): matchingRuleUse: ( 1.2.840.11355
6.1.4.804 NAME 'integerBitOrMatch' APPLIES supportedLDAPVersion )
1.2.840.113556.1.4.803 (integerBitAndMatch): matchingRuleUse: ( 1.2.840.1135
56.1.4.803 NAME 'integerBitAndMatch' APPLIES supportedLDAPVersion )
1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): matchingRuleUse: ( 1.3.6.1.
4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( email $ associatedDomain
$ dc $ mail $ altServer ) )
1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): matchingRuleUse: ( 1.3.6.1.4
.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( email $ associatedDomain $
dc $ mail $ altServer ) )
2.5.13.35 (certificateMatch): matchingRuleUse: ( 2.5.13.35 NAME 'certificate
Match' APPLIES ( cACertificate $ userCertificate ) )
2.5.13.34 (certificateExactMatch): matchingRuleUse: ( 2.5.13.34 NAME 'certif
icateExactMatch' APPLIES ( cACertificate $ userCertificate ) )
2.5.13.30 (objectIdentifierFirstComponentMatch): matchingRuleUse: ( 2.5.13.3
0 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedApplicationConte
xt $ ldapSyntaxes $ matchingRuleUse $ objectClasses $ attributeTypes $ matchingR
ules $ supportedFeatures $ supportedExtension $ supportedControl ) )
2.5.13.29 (integerFirstComponentMatch): matchingRuleUse: ( 2.5.13.29 NAME 'i
ntegerFirstComponentMatch' APPLIES supportedLDAPVersion )
2.5.13.27 (generalizedTimeMatch): matchingRuleUse: ( 2.5.13.27 NAME 'general
izedTimeMatch' APPLIES ( modifyTimestamp $ createTimestamp ) )
2.5.13.24 (protocolInformationMatch): matchingRuleUse: ( 2.5.13.24 NAME 'pro
tocolInformationMatch' APPLIES protocolInformation )
2.5.13.23 (uniqueMemberMatch): matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemb
erMatch' APPLIES uniqueMember )
2.5.13.22 (presentationAddressMatch): matchingRuleUse: ( 2.5.13.22 NAME 'pre
sentationAddressMatch' APPLIES presentationAddress )
2.5.13.20 (telephoneNumberMatch): matchingRuleUse: ( 2.5.13.20 NAME 'telepho
neNumberMatch' APPLIES telephoneNumber )
2.5.13.17 (octetStringMatch): matchingRuleUse: ( 2.5.13.17 NAME 'octetString
Match' APPLIES userPassword )
2.5.13.16 (bitStringMatch): matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatc
h' APPLIES x500UniqueIdentifier )
2.5.13.14 (integerMatch): matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' A
PPLIES supportedLDAPVersion )
2.5.13.13 (booleanMatch): matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' A
PPLIES hasSubordinates )
2.5.13.11 (caseIgnoreListMatch): matchingRuleUse: ( 2.5.13.11 NAME 'caseIgno
reListMatch' APPLIES ( registeredAddress $ postalAddress ) )
2.5.13.8 (numericStringMatch): matchingRuleUse: ( 2.5.13.8 NAME 'numericStri
ngMatch' APPLIES ( internationaliSDNNumber $ x121Address ) )
2.5.13.7 (caseExactSubstringsMatch): matchingRuleUse: ( 2.5.13.7 NAME 'caseE
xactSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber
) )
2.5.13.6 (caseExactOrderingMatch): matchingRuleUse: ( 2.5.13.6 NAME 'caseExa
ctOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber ) )
2.5.13.5 (caseExactMatch): matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch'
APPLIES ( uid $ dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $
initials $ givenName $ destinationIndicator $ physicalDeliveryOfficeName $ post
OfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o $ stree
t $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $ labeledURI $ cn $ na
me $ ref $ vendorVersion $ vendorName $ supportedSASLMechanisms ) )
2.5.13.4 (caseIgnoreSubstringsMatch): matchingRuleUse: ( 2.5.13.4 NAME 'case
IgnoreSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumb
er ) )
2.5.13.3 (caseIgnoreOrderingMatch): matchingRuleUse: ( 2.5.13.3 NAME 'caseIg
noreOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber )
)
2.5.13.2 (caseIgnoreMatch): matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatc
h' APPLIES ( uid $ dmdName $ houseIdentifier $ dnQualifier $ generationQualifier
$ initials $ givenName $ destinationIndicator $ physicalDeliveryOfficeName $ po
stOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o $ str
eet $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $ labeledURI $ cn $
name $ ref $ vendorVersion $ vendorName $ supportedSASLMechanisms ) )
2.5.13.1 (distinguishedNameMatch): matchingRuleUse: ( 2.5.13.1 NAME 'disting
uishedNameMatch' APPLIES ( seeAlso $ roleOccupant $ owner $ member $ distinguish
edName $ aliasedObjectName $ namingContexts $ subschemaSubentry $ modifiersName
$ creatorsName ) )
2.5.13.0 (objectIdentifierMatch): matchingRuleUse: ( 2.5.13.0 NAME 'objectId
entifierMatch' APPLIES ( supportedApplicationContext $ supportedFeatures $ suppo
rtedExtension $ supportedControl ) )
slapd startup: initiated.
bdb_db_open: dc=test,dc=example,dc=org
bdb_db_open: dbenv_open(/var/db/openldap-data)
bdb(dc=test,dc=example,dc=org): /var/db/openldap-data/__db.001: Permission denied
bdb_db_open: dbenv_open failed: Permission denied (13)
backend_startup: bi_db_open(0) failed! (13)
slapd shutdown: initiated
====> bdb_cache_release_all
slapd shutdown: freeing system resources.
bdb(dc=test,dc=example,dc=org): txn_checkpoint interface requires an environment c
onfigured for the transaction subsystem
bdb_db_destroy: txn_checkpoint failed: Invalid argument (22)
slapd stopped.
connections_destroy: nothing to destroy.