1 |
On Tue, Jun 06, 2006 at 10:48:51AM +0100, J?rgen Schinker wrote: |
2 |
> actually my x86 maschine makes at boot when it starts udev |
3 |
> an ldap request and waits 6 ... 8 ...16 sec |
4 |
> so at this time ldap is not running |
5 |
> |
6 |
> so what wants udev at this early stage ? |
7 |
> |
8 |
> my nsswitch.conf |
9 |
> |
10 |
> hosts files dns ldap |
11 |
> |
12 |
> and all users,groups,DNS,DHCP are stored in ldap.... |
13 |
Please search for bugs next time. |
14 |
|
15 |
A search string of 'nss udev' to bugzilla, would take you to bug 99564. |
16 |
|
17 |
The udev/nss_ldap thing has been brewing for a while, and we're still trying to |
18 |
get upstream udev to fix the issue. |
19 |
http://bugs.gentoo.org/show_bug.cgi?id=99564#c44 |
20 |
|
21 |
In that comment I list the proper solution that upstream needs to undertake |
22 |
(make udev not lookup nss entries unless it is actually creating device nodes |
23 |
that need the entries), and some other workarounds. |
24 |
|
25 |
There's one additional workaround, that makes the new nss_ldap retry behavior |
26 |
closer to the old behavior (1 retry, 1 second gap, not configurable): |
27 |
|
28 |
For the timeouts, add these three lines to /etc/ldap.conf on affected machines: |
29 |
nss_reconnect_tries 0 |
30 |
nss_reconnect_sleeptime 1 |
31 |
nss_reconnect_maxconntries 4 |
32 |
|
33 |
That won't remove the problem, but it will greatly reduce the waiting. |
34 |
|
35 |
Also FYI, if you have an /etc/ldap.conf line that continues 'ssl on', change it |
36 |
to 'ssl start_tls'. |
37 |
|
38 |
-- |
39 |
Robin Hugh Johnson |
40 |
E-Mail : robbat2@g.o |
41 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |