[LDAP] CentOS7安装OpenLDAP后启动报错解决

问题

CentOS7.3下yum在线安装的openldap-servers-2.4.44-20.el7.x86_64，安装配置完成后启动报错，报错日志：

[root@openldap ~]# systemctl start slapd
Job for slapd.service failed because the control process exited with error code. See "systemctl status slapd.service" and "journalctl -xe" for details.
[root@openldap ~]# journalctl -xe
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit slapd.service has begun starting up.
Jan 08 16:03:15 openldap runuser[20991]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jan 08 16:03:15 openldap runuser[20991]: pam_unix(runuser:session): session closed for user ldap
Jan 08 16:03:15 openldap slapd[21002]: @(#) $OpenLDAP: slapd 2.4.44 (Oct 30 2018 23:14:27) $
                                               [email protected]:/builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44
Jan 08 16:03:15 openldap slapd[21002]: ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif
Jan 08 16:03:15 openldap slapd[21002]: ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif"
Jan 08 16:03:15 openldap slapd[21002]: tlsmc_cert_create_hash_symlink: ERROR: OS error: Permission denied
Jan 08 16:03:15 openldap slapd[21002]: main: TLS init def ctx failed: -1
Jan 08 16:03:15 openldap slapd[21002]: slapd stopped.
Jan 08 16:03:15 openldap slapd[21002]: connections_destroy: nothing to destroy.
Jan 08 16:03:15 openldap systemd[1]: slapd.service: control process exited, code=exited status=1
Jan 08 16:03:15 openldap systemd[1]: Failed to start OpenLDAP Server Daemon.
-- Subject: Unit slapd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit slapd.service has failed.
-- 
-- The result is failed.
Jan 08 16:03:15 openldap systemd[1]: Unit slapd.service entered failed state.
Jan 08 16:03:15 openldap systemd[1]: slapd.service failed.
Jan 08 16:03:15 openldap polkitd[778]: Unregistered Authentication Agent for unix-process:20982:1499293 (system bus name :1.187, obje
lines 3729-3753/3753 (END)

 

解决

关闭SELinux

[root@openldap ~]# vi /etc/selinux/config 
SELINUX=disabled

修改配置后重启机器。

 

再次启动OpenLDAP，启动成功。

[root@openldap ~]# systemctl start slapd
[root@openldap ~]# systemctl is-active slapd
active
[root@openldap ~]#