slapd-mdb(5) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | CONFIGURATION | ACCESS CONTROL | FILES | SEE ALSO | ACKNOWLEDGEMENTS | COLOPHON

SLAPD-MDB(5)               File Formats Manual              SLAPD-MDB(5)

NAME         top

       slapd-mdb - Memory-Mapped DB backend to slapd

SYNOPSIS         top

       ETCDIR/slapd.conf

DESCRIPTION         top

       The mdb backend to slapd(8) uses OpenLDAP's Lightning Memory-
       Mapped DB (LMDB) library to store data.  It relies completely on
       the underlying operating system for memory management and does no
       caching of its own. It is the recommended primary database
       backend.

       The mdb backend uses a hierarchical database layout which
       supports subtree renames.

CONFIGURATION         top

       These slapd.conf options apply to the mdb backend.  That is, they
       must follow a "backend mdb" line and come before any subsequent
       "backend" or "database" lines.

       idlexp <exp>
              Specify a power of 2 for the maximum size of an index
              slot.  The default is 16, yielding a maximum slot size of
              2^16 or 65536.  Once set, this option applies to every mdb
              database instance.  The specified value must be in the
              range of 16-30.

       These slapd.conf options apply to the mdb backend database.  That
       is, they must follow a "database mdb" line and come before any
       subsequent "backend" or "database" lines.  Other database options
       are described in the slapd.conf(5) manual page.

       checkpoint <kbyte> <min>
              Specify the frequency for flushing the database disk
              buffers.  This setting is only needed if the dbnosync
              option is used.  The checkpoint will occur if either
              <kbyte> data has been written or <min> minutes have passed
              since the last checkpoint.  Both arguments default to
              zero, in which case they are ignored. When the <min>
              argument is non-zero, an internal task will run every
              <min> minutes to perform the checkpoint.  Note: currently
              the <kbyte> setting is unimplemented.

       dbnosync
              Specify that on-disk database contents should not be
              immediately synchronized with in memory changes.  Enabling
              this option may improve performance at the expense of data
              security. In particular, if the operating system crashes
              before changes are flushed, some number of transactions
              may be lost.  By default, a full data flush/sync is
              performed when each transaction is committed.

       directory <directory>
              Specify the directory where the LMDB files containing this
              database and associated indexes live.  A separate
              directory must be specified for each database.  The
              default is LOCALSTATEDIR/openldap-data.

       envflags {nosync,nometasync,writemap,mapasync,nordahead}
              Specify flags for finer-grained control of the LMDB
              library's operation.

              nosync This is exactly the same as the dbnosync directive.

              nometasync
                     Flush the data on a commit, but skip the sync of
                     the meta page. This mode is slightly faster than
                     doing a full sync, but can potentially lose the
                     last committed transaction if the operating system
                     crashes. If both nometasync and nosync are set, the
                     nosync flag takes precedence.

              writemap
                     Use a writable memory map instead of just read-
                     only. This speeds up write operations but makes the
                     database vulnerable to corruption in case any bugs
                     in slapd cause stray writes into the mmap region.

              mapasync
                     When using a writable memory map and performing
                     flushes on each commit, use an asynchronous flush
                     instead of a synchronous flush (the default). This
                     option has no effect if writemap has not been set.
                     It also has no effect if nosync is set.

              nordahead
                     Turn off file readahead. Usually the OS performs
                     readahead on every read request. This usually
                     boosts read performance but can be harmful to
                     random access read performance if the system's
                     memory is full and the DB is larger than RAM. This
                     option is not implemented on Windows.

       index {<attrlist>|default} [pres,eq,approx,sub,<special>]
              Specify the indexes to maintain for the given attribute
              (or list of attributes).  Some attributes only support a
              subset of indexes.  If only an <attr> is given, the
              indices specified for default are maintained.  Note that
              setting a default does not imply that all attributes will
              be indexed. Also, for best performance, an eq index should
              always be configured for the objectClass attribute.

              A number of special index parameters may be specified.
              The index type sub can be decomposed into subinitial,
              subany, and subfinal indices.  The special type nolang may
              be specified to disallow use of this index by language
              subtypes.  The special type nosubtypes may be specified to
              disallow use of this index by named subtypes.  Note:
              changing index settings in slapd.conf(5) requires
              rebuilding indices, see slapindex(8); changing index
              settings dynamically by LDAPModifying "cn=config"
              automatically causes rebuilding of the indices online in a
              background task.

       maxentrysize <bytes>
              Specify the maximum size of an entry in bytes. Attempts to
              store an entry larger than this size will be rejected with
              the error LDAP_ADMINLIMIT_EXCEEDED. The default is 0,
              which is unlimited.

       maxreaders <integer>
              Specify the maximum number of threads that may have
              concurrent read access to the database. Tools such as
              slapcat count as a single thread, in addition to threads
              in any active slapd processes. The default is 126.

       maxsize <bytes>
              Specify the maximum size of the database in bytes. A
              memory map of this size is allocated at startup time and
              the database will not be allowed to grow beyond this size.
              The default is 10485760 bytes. This setting may be changed
              upward if the configured limit needs to be increased.

              Note: It is important to set this to as large a value as
              possible, (relative to anticipated growth of the actual
              data over time) since growing the size later may not be
              practical when the system is under heavy load.

       mode <integer>
              Specify the file protection mode that newly created
              database files should have.  The default is 0600.

       multival {<attrlist>|default} <integer hi>,<integer lo>
              Specify the number of values for which a multivalued
              attribute is stored in a separate table. Normally entries
              are stored as a single blob inside the database. When an
              entry gets very large or contains attributes with a very
              large number of values, modifications on that entry may
              get very slow. Splitting the large attributes out to a
              separate table can improve the performance of modification
              operations.  The threshold is specified as a pair of
              integers. If the number of values exceeds the hi threshold
              the values will be split out. If a modification deletes
              enough values to bring an attribute below the lo threshold
              the values will be removed from the separate table and
              merged back into the main entry blob.  The threshold can
              be set for a specific list of attributes, or the default
              can be configured for all other attributes.  The default
              value for both hi and lo thresholds is UINT_MAX, which
              keeps all attributes in the main blob.

       rtxnsize <entries>
              Specify the maximum number of entries to process in a
              single read transaction when executing a large search.
              Long-lived read transactions prevent old database pages
              from being reused in write transactions, and so can cause
              significant growth of the database file when there is
              heavy write traffic. This setting causes the read
              transaction in large searches to be released and
              reacquired after the given number of entries has been
              read, to give writers the opportunity to reclaim old
              database pages. The default is 10000.

       searchstack <depth>
              Specify the depth of the stack used for search filter
              evaluation.  Search filters are evaluated on a stack to
              accommodate nested AND / OR clauses. An individual stack
              is assigned to each server thread.  The depth of the stack
              determines how complex a filter can be evaluated without
              requiring any additional memory allocation. Filters that
              are nested deeper than the search stack depth will cause a
              separate stack to be allocated for that particular search
              operation. These allocations can have a major negative
              impact on server performance, but specifying too much
              stack will also consume a great deal of memory.  Each
              search stack uses 512K bytes per level. The default stack
              depth is 16, thus 8MB per thread is used.

ACCESS CONTROL         top

       The mdb backend honors access control semantics as indicated in
       slapd.access(5).

FILES         top

       ETCDIR/slapd.conf
              default slapd configuration file

SEE ALSO         top

       slapd.conf(5), slapd-config(5), slapd(8), slapadd(8), slapcat(8),
       slapindex(8), slapmodify(8), OpenLDAP LMDB documentation.

ACKNOWLEDGEMENTS         top

       OpenLDAP Software is developed and maintained by The OpenLDAP
       Project <http://www.openldap.org/>.  OpenLDAP Software is derived
       from the University of Michigan LDAP 3.3 Release.  Written by
       Howard Chu.

COLOPHON         top

       This page is part of the OpenLDAP (an open source implementation
       of the Lightweight Directory Access Protocol) project.
       Information about the project can be found at 
       ⟨http://www.openldap.org/⟩.  If you have a bug report for this
       manual page, see ⟨http://www.openldap.org/its/⟩.  This page was
       obtained from the project's upstream Git repository
       ⟨https://git.openldap.org/openldap/openldap.git⟩ on 2024-06-14.
       (At that time, the date of the most recent commit that was found
       in the repository was 2024-06-13.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       [email protected]

OpenLDAP LDVERSION             RELEASEDATE                  SLAPD-MDB(5)

Pages that refer to this page: slapd.access(5)slapd.backends(5)slapd.overlays(5)slapo-accesslog(5)slapo-refint(5)slapo-translucent(5)slapo-unique(5)slapcat(8)slapschema(8)