My bad - on server where it does not restart - there is a difference:

-rw-r--r--. dirsrv dirsrv unconfined_u:object_r:user_home_t:s0 60edusiscourse.ldif

On Thu, Feb 18, 2016 at 4:56 PM, Joel Levin <joel.aaron.levin@gmail.com> wrote:
Hi William:

Details below. Thanks.


>What version of linux / EL are you using?

Red Hat: 2.6.32-504.1.3.el6.x86_64 #1 SMP Fri Oct 31 11:37:10 EDT 2014 x86_64 x86_64 x86_64 GNU/Linux
389-Directory Server (v 1.2.11.29

>
How you are starting the server? IE what command
service dirsrv stop
service dirsrv start

> output of sudo ls -alZ /etc/dirsrv/slapd-<instance>/schema/

[root@eldap1 schema]# ls -alZ /etc/dirsrv/slapd-eldap2/schema
drwxrwx---. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 .
drwxrwx---. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 ..
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 00core.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 01core389.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 02common.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 05rfc2927.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 05rfc4523.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 05rfc4524.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 06inetorgperson.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 10automember-plugin.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 10dna-plugin.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 10mep-plugin.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 10rfc2307.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 20subscriber.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 25java-object.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 28pilot.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 30ns-common.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 50ns-admin.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 50ns-certificate.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 50ns-directory.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 50ns-value.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 50ns-web.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60acctpolicy.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60autofs.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60eduperson.ldif
-rw-r--r--. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60kerberos.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60mozilla.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60nss-ldap.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60pam-plugin.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60posix-winsync-plugin.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60pureftpd.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60rfc2739.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60rfc3712.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60sabayon.ldif
-rw-r--r--. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60sendmail.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60sudo.ldif
-r--r-----. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60trust.ldif
-rw-r--r--. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 60edusiscourse.ldif
-rw-------. dirsrv dirsrv unconfined_u:object_r:dirsrv_config_t:s0 99user.ldif
drwxr-xr-x. root   root   unconfined_u:object_r:dirsrv_config_t:s0 bak


On Thu, Feb 18, 2016 at 3:43 PM, William Brown <wibrown@redhat.com> wrote:
On Thu, 2016-02-18 at 15:34 -0800, Joel Levin wrote:
> Hi All:
>
> FYI - adding a new schema file to 389 DS cluster - on 1 of the nodes there
> were no problems.
>
> But on another node the following error message arises when DS is started.
>
> All file permissions are fine.
>
> Any thoughts on what could be at play?
>
>
> Starting dirsrv:
>     eldap2...[18/Feb/2016:15:30:03 -0800] dse - The configuration file
> /etc/dirsrv/slapd-eldap2/schema/60edusiscourse.ldif could not be read.
> Netscape Portable Runtime -5966 (Access Denied.)
>
> [18/Feb/2016:15:30:03 -0800] dse - Please edit the file to correct the
> reported problems and then restart the server.

Hi,

Can you please show:

* What version of linux / EL are you using?
* How you are starting the server? IE what command
* output of sudo ls -alZ /etc/dirsrv/slapd-<instance>/schema/

That would help to start to diagnose the issue.

Thanks!

--
Sincerely,

William Brown
Software Engineer
Red Hat, Brisbane


--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org