From owner-freebsd-questions@FreeBSD.ORG  Mon Jun 26 02:26:33 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0453D16A400
	for <freebsd-questions@freebsd.org>;
	Mon, 26 Jun 2006 02:26:33 +0000 (UTC)
	(envelope-from marcus@riboflavin.net)
Received: from dsl.76.226.networkiowa.com (dsl.76.226.networkiowa.com
	[209.234.76.226])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 77FD743F61
	for <freebsd-questions@freebsd.org>;
	Mon, 26 Jun 2006 02:26:32 +0000 (GMT)
	(envelope-from marcus@riboflavin.net)
Received: by dsl.76.226.networkiowa.com (Postfix, from userid 1004)
	id 6DBC72BB; Sun, 25 Jun 2006 21:03:10 -0500 (CDT)
X-Spam-Score: -4.4
X-Spam-Checker-Version: SpamAssassin 3.1.0(2005-09-13) on 
	dsl.76.226.networkiowa.com
X-Spam-HStatus: hits=-4.4, tests=ALL_TRUSTED,BAYES_00, Report=
	* -1.8 ALL_TRUSTED Passed through trusted hosts only via SMTP
	* -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
	*      [score: 0.0000]
X-Spam-Level: 
X-Spam-Status: No, hits=-4.4 required=8.0 tests=ALL_TRUSTED,BAYES_00 
	autolearn=ham version=3.1.0
Received: from localhost (localhost.networkiowa.com [127.0.0.1])
	by dsl.76.226.networkiowa.com (Postfix) with ESMTP id 65989190
	for <freebsd-questions@freebsd.org>;
	Sun, 25 Jun 2006 21:03:09 -0500 (CDT)
Received: from calvin.int.riboflavin.net (calvin.int.riboflavin.net
	[172.30.1.150]) by www.riboflavin.net (Horde MIME library) with HTTP;
	Sun, 25 Jun 2006 21:03:09 -0500
Message-ID: <20060625210309.q92nzbr5wkcso0kg@www.riboflavin.net>
X-Priority: 3 (Normal)
Date: Sun, 25 Jun 2006 21:03:09 -0500
From: "Marcus I. Ryan" <marcus@riboflavin.net>
To: freebsd-questions@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain;
	charset=ISO-8859-1;
	DelSp="Yes";
	format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
User-Agent: Internet Messaging Program (IMP) H3 (4.2-cvs)
Subject: slapd hangs in nss configuration
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Jun 2006 02:26:33 -0000

I'm trying to set up NSS with an OpenLDAP backend on one server.  When =20
I try to start slapd after I've enabled nss, slapd hangs and won't =20
start.  It seems to relate directly to group nss because if I simply =20
change the nsswitch.conf to be:

passwd: files ldap
groups: files

slapd starts fine.  As soon as I add ldap to the groups line, slapd =20
won't start.  All involved groups I can think of (wheel, ldap, etc.) =20
are in the local groups file.  I tried "groups: files [success=3Dreturn] =20
ldap" as well, but either way it still tries to go to ldap.

Truss shows it's not exactly hanging, but it's stuck in a loop -- the =20
same truss output keeps repeating:

83287: poll({11 0x0|IN|PRI|NVAL|RDNORM|RDBAND|WRBAND },1,30000) =3D 0 (0x0)
83287: shutdown(0xb,0x2)                         =3D 0 (0x0)
83287: close(11)                                 =3D 0 (0x0)
83287: gettimeofday({1151263559 839848},0x0)     =3D 0 (0x0)
83287: getpid()                                  =3D 83287 (0x14557)
83287: sendto(0x3,0x7fffffffca50,0,0x0,NULL,0x0) =3D 118 (0x76)
83287: stat("/usr/local/etc/nss_ldap.conf",0x7fffffffce90) =3D 0 (0x0)
83287: getpid()                                  =3D 83287 (0x14557)
83287: geteuid()                                 =3D 0 (0x0)
83287: socket(0x1,0x1,0x0)                       =3D 11 (0xb)
83287: fcntl(11,F_GETFL,0x80122ebe4)             =3D 2 (0x2)
83287: fcntl(11,F_SETFL,0x6)                     =3D 0 (0x0)
83287: connect(0xb,{ AF_UNIX "/var/run/openldap/ldapi" },106) ERR#61 =20
'Connection refused'
83287: shutdown(0xb,0x2)                         =3D 0 (0x0)
83287: close(11)                                 =3D 0 (0x0)
83287: gettimeofday({1151263559 840968},0x0)     =3D 0 (0x0)
83287: getpid()                                  =3D 83287 (0x14557)
83287: sendto(0x3,0x7fffffffca50,0,0x0,NULL,0x0) =3D 142 (0x8e)
83287: gettimeofday({1151263559 841282},0x0)     =3D 0 (0x0)
83287: getpid()                                  =3D 83287 (0x14557)
83287: sendto(0x3,0x7fffffffca50,0,0x0,NULL,0x0) =3D 97 (0x61)
83287: nanosleep({16 0})                         =3D 0 (0x0)
83287: stat("/usr/local/etc/nss_ldap.conf",0x7fffffffce90) =3D 0 (0x0)
83287: getpid()                                  =3D 83287 (0x14557)
83287: geteuid()                                 =3D 0 (0x0)
83287: socket(0x2,0x1,0x0)                       =3D 11 (0xb)
83287: setsockopt(0xb,0x6,0x1,0x7fffffffd014,0x4) =3D 0 (0x0)
83287: fcntl(11,F_GETFL,0x80122ebe4)             =3D 2 (0x2)
83287: fcntl(11,F_SETFL,0x6)                     =3D 0 (0x0)
83287: connect(0xb,{ AF_INET 127.0.0.1:389 },16) ERR#36 'Operation now =20
in progress'

I'm pretty well stumped at this point, except to update the slapd =20
startup script to update nsswitch.conf...

--=20
Marcus I. Ryan, marcus@riboflavin.net
--------------------------------------------------------------------
Hanlon's Razor:  Never attribute to malice that which is adequately
explained by stupidity.
--------------------------------------------------------------------