Date: Fri, 28 Apr 2006 11:20:23 GMT From: "Thomas Sandford" <thomas@paradisegreen.co.uk> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/91806: net/nss_ldap broken with getpwuid* Message-ID: <200604281120.k3SBKNkx041517@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/91806; it has been noted by GNATS. From: "Thomas Sandford" <thomas@paradisegreen.co.uk> To: <bug-followup@FreeBSD.org>, <sean@mcneil.com> Cc: Subject: Re: ports/91806: net/nss_ldap broken with getpwuid* Date: Fri, 28 Apr 2006 12:16:05 +0100 I'm not sure if this is related, but following a recent crash (prior to which my box had run without problems for many months) I have been having similar problems. I have: almaz# portversion -v ... nss_ldap-1.239 < needs updating (port has 1.249) openldap-client-2.3.19 < needs updating (port has 2.3.21) openldap-server-2.3.19 < needs updating (port has 2.3.21) ... almaz# cat /etc/nsswitch.conf # group: compat group: files ldap group_compat: nis hosts: files dns networks: files # passwd: compat passwd: files ldap passwd_compat: nis shells: files almaz# uname -v FreeBSD 5.4-RELEASE #0: Sun May 15 12:31:08 BST 2005 root@almaz.paradisegreen.co.uk:/usr/src/sys/i386/compile/SMP What I find is that immediately after reboot, neither cron nor sshd are able to read user data via nss. eg: almaz# cat /var/log/auth.log # reboot occurred here Apr 26 09:42:00 almaz sshd[477]: Server listening on :: port 22. Apr 26 09:42:00 almaz sshd[477]: Server listening on 0.0.0.0 port 22. # attempt to log in (correct user/password) via ssh Apr 26 10:19:29 almaz sshd[2683]: Illegal user tdgsandf from 10.0.0.6 Apr 26 10:19:29 almaz sshd[2684]: input_userauth_request: illegal user tdgsandf Apr 26 10:19:31 almaz sshd[2683]: Failed unknown for illegal user tdgsandf from 10.0.0.6 port 3559 ssh2 # run "/etc/rc.d/sshd restart" Apr 26 10:20:46 almaz sshd[477]: Received signal 15; terminating. Apr 26 10:20:46 almaz sshd[2721]: Server listening on :: port 22. Apr 26 10:20:46 almaz sshd[2721]: Server listening on 0.0.0.0 port 22. # and try and log in again Apr 26 10:21:09 almaz sshd[2722]: Accepted keyboard-interactive/pam for tdgsandf from 10.0.0.6 port 3560 ssh2 Apr 26 10:21:09 almaz sshd[2722]: nss_ldap: reconnecting to LDAP server... Apr 26 10:21:09 almaz sshd[2722]: nss_ldap: reconnected to LDAP server after 1 a ttempt(s) ... Similarly: almaz# cat /var/log/cron # some time after a reboot Apr 28 11:22:00 almaz /usr/sbin/cron[33972]: (operator) CMD (/usr/libexec/save-e ntropy) # one error for each LDAP user's crontab Apr 28 11:22:00 almaz cron[33972]: NSSWITCH(nss_method_lookup): ldap, group, set grent, not found Apr 28 11:22:00 almaz cron[33972]: NSSWITCH(nss_method_lookup): ldap, group, get grent_r, not found Apr 28 11:22:00 almaz cron[33972]: NSSWITCH(nss_method_lookup): ldap, group, end grent, not found Apr 28 11:22:00 almaz cron[33972]: NSSWITCH(nss_method_lookup): ldap, passwd, en dpwent, not found Apr 28 11:25:00 almaz /usr/sbin/cron[34121]: (root) CMD (/usr/libexec/atrun) Apr 28 11:25:00 almaz cron[34121]: NSSWITCH(nss_method_lookup): ldap, group, set grent, not found Apr 28 11:25:00 almaz cron[34121]: NSSWITCH(nss_method_lookup): ldap, group, get grent_r, not found Apr 28 11:25:00 almaz cron[34121]: NSSWITCH(nss_method_lookup): ldap, group, end grent, not found Apr 28 11:25:00 almaz cron[34121]: NSSWITCH(nss_method_lookup): ldap, passwd, en dpwent, not found # run "/etc/rc.d/cron restart" # and now all crontabs processed OK Apr 28 11:30:00 almaz /usr/sbin/cron[34455]: (root) CMD (/usr/libexec/atrun) Apr 28 11:33:00 almaz /usr/sbin/cron[34490]: (operator) CMD (/usr/libexec/save-e ntropy) Somehow nss_ldap seems not to be working correctly immediately after boot, and daemons which started before it was running correctly can _never_ pick up information through it until they are restarted. But it looks as though this may be LDAP version rather than nss_ldap version related since my nss_ldap version is unchanged for some time. -- Thomas Sandford
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200604281120.k3SBKNkx041517>