From owner-freebsd-stable@FreeBSD.ORG Fri Jul 7 16:18:07 2006 Return-Path: X-Original-To: stable@freebsd.org Delivered-To: freebsd-stable@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3788416A516 for ; Fri, 7 Jul 2006 16:18:07 +0000 (UTC) (envelope-from dkirhlarov@oilspace.com) Received: from office.oilspace.com (ns2.oilspace.com [194.129.65.230]) by mx1.FreeBSD.org (Postfix) with ESMTP id B528343D5C for ; Fri, 7 Jul 2006 16:18:06 +0000 (GMT) (envelope-from dkirhlarov@oilspace.com) Received: from dimma.mow.oilspace.com (hq.oilspace.com [81.222.156.185]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by office.oilspace.com (Postfix) with ESMTP id 7446A136CDB for ; Fri, 7 Jul 2006 17:18:05 +0100 (BST) Received: from dimma.mow.oilspace.com (localhost [127.0.0.1]) by dimma.mow.oilspace.com (8.13.4/8.13.3) with ESMTP id k67GI4eH043867 for ; Fri, 7 Jul 2006 20:18:04 +0400 (MSD) (envelope-from dkirhlarov@localhost.oilspace.com) Received: (from dkirhlarov@localhost) by dimma.mow.oilspace.com (8.13.4/8.13.3/Submit) id k67GI4KY043866 for stable@freebsd.org; Fri, 7 Jul 2006 20:18:04 +0400 (MSD) (envelope-from dkirhlarov) Date: Fri, 7 Jul 2006 20:18:04 +0400 From: Dmitriy Kirhlarov To: stable@freebsd.org Message-ID: <20060707161801.GB42118@dimma.mow.oilspace.com> Mail-Followup-To: stable@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Mailer: Mutt-ng devel (2005-03-13) based on Mutt 1.5.9 X-Operating-System: FreeBSD 5.4-STABLE User-Agent: mutt-ng/devel-r581 (FreeBSD) Cc: Subject: nsswitch.conf problem with group status code X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jul 2006 16:18:07 -0000 Hi, list. I use mixed (master.passwd + ldap) authorization. I have a problem -- when network unreacheble, local users can't login to system. After investigation, I find reason -- timeouts, when resolver try return ldap server IP. I add to /etc/nsswitch.conf: group: files [success=return notfound=continue unavail=continue tryagain=continue] ldap passwd: files [success=return notfound=continue unavail=continue tryagain=continue] ldap and add in /usr/local/etc/ldap.conf debug 257 After that, I run id root I find, what success=return don't work for group -- we trying connecting to ldap server and get extended grouplist. Why my status code setup ignoring? WBR -- Dmitriy Kirhlarov OILspace, 26 Leninskaya sloboda, bld. 2, 2nd floor, 115280 Moscow, Russia P:+7 495 105 7247 ext.203 F:+7 495 105 7246 E:DmitriyKirhlarov@oilspace.com OILspace - The resource enriched - www.oilspace.com