slurpd - Standalone LDAP Update Replication Daemon
/usr/libexec/slurpd [-d debug-level] [-f slapd-config-file] [-r slapd-replog-file] [-t temp-dir] [-o] [-k srvtab-file]
Slurpd is used to propagate changes from one slapd database to another. If slapd is configured to produce a replication log, slurpd reads
that replication log and sends the changes to the slave slapd instances via the LDAP protocol. slurpd is typically invoked at boot time,
usually out of /etc/rc.local.
Upon startup, slurpd normally forks and disassociates itself from the invoking tty, then reads the replication log (given either by the
replogfile directive in the slapd config file, or by the -r command-line option). If the replication log file does not exist or is empty,
slurpd goes to sleep. It periodically wakes up and checks to see if there are any changes to be propoagated.
When slurpd notices that there are changes to propagate to slave slapd instances, it locks the replication log, makes its own private copy,
releases the lock, and forks one copy of itself for each replica slapd to be updated. Each child process binds to the slave slapd as the
DN given by the binddn option to the replica directive in the slapd config file, and sends the changes.
See slapd(8) for details on the standalone LDAP daemon.
Note that slurpd reads replication directive from slapd.conf(5), but uses ldap.conf(5) to obtain other configuration settings (such as TLS
Turn on debugging as defined by debug-level. If this option is specified, even with a zero argument, slurpd will not fork or disas-
sociate from the invoking terminal. Some general operation and status messages are printed for any value of debug-level.
debug-level is taken as a bit string, with each bit corresponding to a different kind of debugging information. See <ldap.h> for
Specifies the slapd configuration file. The default is /etc/openldap/slapd.conf.
Specifies the name of the slapd replication logfile. Normally, the name of the replication log file is read from the slapd configu-
ration file. The file should be located in a directory with limited read/write/execute access. The -r option allows you to over-
ride this. In conjunction with the -o option, you can process a replication log file in a "one-shot" mode. For example, if slurpd
has encountered errors in processing a replication log, you can run it in one-shot mode and give the rejection file name as the
argument to the -r option, once you've resolved the problem which caused the replication to fail.
-o Run in "one-shot" mode. Normally, slurpd processes the replog file and then watches for more replication entries to be appended.
In one-shot mode, slurpd processes a replication log and exits.
slurpd copies the replication log to a working directory before processing it. The directory permissions should limit
read/write/execute access as temporary files may contain sensitive information. This option allows you to specify the location of
these temporary files. The default is /var/db/openldap/openldap-slurp.
Specify the location of the kerberos srvtab file which contains keys for the replica slapd instances. Overrides the srvtab argument
to the replica directive in the slapd configuration file.
To start slurpd and have it fork and detach from the terminal and process the replication logs generated by slapd, just type:
To start slurpd with an alternate slapd configuration file, and turn on voluminous debugging which will be printed on standard error, type:
/usr/libexec/slurpd -f /etc/openldap/slapd.conf -d 255
ldap(3), ldap.conf(5), slapd.conf(5), slapd.replog(5), slapd(8)
"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). OpenLDAP is derived from University of Michigan
LDAP 3.3 Release.
OpenLDAP 2.1.X RELEASEDATE SLURPD(8C)