NAME
slurpd - Standalone LDAP Update Replication Daemon
SYNOPSIS
slurpd [-d debug-level] [-f slapd-config-file] [-r slapd-replog-file]
[-t temp-dir] [-o] [-k srvtab-file]
DESCRIPTION
Slurpd is used to propagate changes from one slapd database to
another. If slapd is configured to produce a replication log, slurpd
reads that replication log and sends the changes to the slave slapd
instances via the LDAP protocol. slurpd is typically invoked at boot
time, usually out of /etc/rc.local.
Upon startup, slurpd normally forks and disassociates itself from the
invoking tty, then reads the replication log (given either by the replogfile
directive in the slapd config file, or by the -r command-line
option). If the replication log file does not exist or is empty, slurpd
goes to sleep. It periodically wakes up and checks to see if there are any
changes to be propoagated.
When slurpd notices that there are changes to propagate to slave slapd
instances, it locks the replication log, makes its own private copy, releases
the lock, and forks one copy of itself for each replica slapd to be
updated. Each child process binds to the slave slapd as the DN given by
the binddn option to the replica directive in the slapd
config file, and sends the changes.
See slapd(8) for details on the standalone
LDAP daemon.
Note that slurpd reads replication directive from slapd.conf(5),
but optionally uses ldap.conf(5)
to obtain other configuration settings (such as TLS settings).
OPTIONS
- -d debug-level
- Turn on debugging as defined by debug-level. If this option is
specified, even with a zero argument, slurpd will not fork or
disassociate from the invoking terminal. Some general operation and status
messages are printed for any value of debug-level. debug-level
is taken as a bit string, with each bit corresponding to a different kind of
debugging information. See <ldap.h> for details.
- -f slapd-config-file
- Specifies the slapd configuration file. The default is /usr/local/etc/slapd.conf.
- -r slapd-replog-file
- Specifies the name of the slapd replication logfile. Normally, the
name of the replication log file is read from the slapd configuration
file. The file should be located in a directory with limited
read/write/execute access. The -r option allows you to override this.
In conjunction with the -o option, you can process a replication log
file in a "one-shot" mode. For example, if slurpd has
encountered errors in processing a replication log, you can run it in
one-shot mode and give the rejection file name as the argument to the -r
option, once you've resolved the problem which caused the replication to
fail.
- -o
- Run in "one-shot" mode. Normally, slurpd processes the
replog file and then watches for more replication entries to be appended. In
one-shot mode, slurpd processes a replication log and exits.
- -t temp-dir
- slurpd copies the replication log to a working directory before
processing it. The directory permissions should limit read/write/execute
access as temporary files may contain sensitive information. This option
allows you to specify the location of these temporary files. The default is /usr/local/ldap.
- -k srvtab-file
- Specify the location of the kerberos srvtab file which contains keys for
the replica slapd instances. Overrides the srvtab argument to the
replica directive in the slapd configuration file.
EXAMPLES
To start slurpd and have it fork and detach from the terminal and process
the replication logs generated by slapd, just type:
slurpd
To start slurpd with an alternate slapd configuration file, and
turn on voluminous debugging which will be printed on standard error, type:
slurpd -f /usr/local/etc/slapd.conf -d 255
SEE ALSO
ldap(3), ldap.conf(5),
slapd.conf(5), slapd.replog(5), slapd(8)
ACKNOWLEDGEMENTS
is derived from University of Michigan LDAP 3.3 Release.
