1 |
On 10/22/07, Bertram Scharpf <lists@×××××××××××××××.de> wrote: |
2 |
> Hi, |
3 |
> |
4 |
> Am Montag, 22. Okt 2007, 13:44:19 +0100 schrieb Benjamin Smee: |
5 |
> > On Monday 22 October 2007 13:12:29 Bertram Scharpf wrote: |
6 |
> > > |
7 |
> > > @(#) $OpenLDAP: slapd 2.3.38 (Oct 18 2007 22:12:26) $ |
8 |
> > > root@myhost:/var/tmp/portage/net-nds/openldap-2.3.38/work/openldap-2.3.38/ |
9 |
> > >servers/slapd nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: |
10 |
> > > Can't contact LDAP server nss_ldap: failed to bind to LDAP server |
11 |
> > > ldap://127.0.0.1/: Can't contact LDAP server nss_ldap: failed to bind to |
12 |
> > > LDAP server ldapi://%2fvar%2frun%2fldapi_sock/: Can't contact LDAP server |
13 |
> > > ... |
14 |
> > > nss_ldap: could not search LDAP server - Server is unavailable |
15 |
> > > |
16 |
> > > I found out that the Gentoo init script activates the |
17 |
> > > options "-u ldap -g ldap". Without them, the error messages |
18 |
> > > do not appear. Therefore I suppose the slapd daemon tries to |
19 |
> > > obtain passwd/shadow information for ldap via nss_ldap. At |
20 |
> > > least when I say "compat" in nsswitch.conf, the error |
21 |
> > > message doesn't appear as well. |
22 |
> > |
23 |
> > instead of -u ldap -g ldap, try putting in the UID and GID. This should stop |
24 |
> > the calls to the server. |
25 |
> |
26 |
> I forgot to mention that I tried this, too. The same |
27 |
> messages appear. |
28 |
> |
29 |
> Is there a way to determine _what_ nss is asked for? |
30 |
|
31 |
Sure, turn on nscd in super debug mode and you should see most, if not |
32 |
all the requests. |
33 |
|
34 |
-Alec |
35 |
|
36 |
> |
37 |
> > > I even tried to chown the |
38 |
> > > shadow file to ldap but this didn't save me from the weird |
39 |
> > > messages either. |
40 |
> > |
41 |
> > Don't play with the perms on /etc/shadow, you're just openning up security |
42 |
> > holes. |
43 |
> |
44 |
> That was just for a minute. Of course I recovered the |
45 |
> previous state immediately. |
46 |
> |
47 |
> Thanks anyway so far, |
48 |
> |
49 |
> Bertram |
50 |
> |
51 |
> |
52 |
> -- |
53 |
> Bertram Scharpf |
54 |
> Stuttgart, Deutschland/Germany |
55 |
> http://www.bertram-scharpf.de |
56 |
> -- |
57 |
> gentoo-dev@g.o mailing list |
58 |
> |
59 |
> |
60 |
-- |
61 |
gentoo-dev@g.o mailing list |