
Re: udev vs ldap at startup



>>>>> "Steve" == Steve Langasek <vorlon@debian.org> writes:

    Steve> libnss-ldap has a new, retarded upstream default where it
    Steve> polls the server several times in the case of a connection
    Steve> refused error instead of just returning a notfound to the
    Steve> caller.

Arhhhh....

So that probably would explain why I can no longer log in as root when
the NSS LDAP server is down, even with LDAP PAM support disabled and
files is listed before ldap in /etc/nsswitch.conf.

ethereal shows the following queries when it is working:

Lightweight Directory Access Protocol
LDAP Message, Search Request
Message Id: 5
Message Type: Search Request (0x03)
Message Length: 96
Base DN: dc=microcomaustralia,dc=com,dc=au
Scope: Subtree (0x02)
Dereference: Never (0x00)
Size Limit: 1
Time Limit: 0
Attributes Only: False
Filter: (&(objectClass=posixAccount)(uid=root))

LDAP Message, Search Result
Message Id: 5
Message Type: Search Result (0x05)
Message Length: 7
Response To: 1
Time: 0.000346000 seconds
Result Code: success (0x00)
Matched DN: (null)
Error Message: (null)

LDAP Message, Search Request
Message Id: 6
Message Type: Search Request (0x03)
Message Length: 111
Base DN: dc=microcomaustralia,dc=com,dc=au
Scope: Subtree (0x02)
Dereference: Never (0x00)
Size Limit: 0
Time Limit: 0
Attributes Only: False
Filter: (&(objectClass=posixGroup)(memberUid=root))
Attribute: gidNumber
LDAP Controls
LDAP Control
Control OID: 1.2.840.113556.1.4.319
Control Value: 3006020203E804000000

LDAP Message, Search Result
Message Id: 6
Message Type: Search Result (0x05)
Message Length: 7
Response To: 4
Time: 0.000415000 seconds
Result Code: success (0x00)
Matched DN: (null)
Error Message: (null)
LDAP Controls
LDAP Control
Control OID: 1.2.840.113556.1.4.319
Control Value: 300502010004000000


The second query is trying to find out all the groups root is in (is
it possible to skip this???).

I don't understand the first one. root is defined in /etc/passwd.

getent passwd with the LDAP server down lists all local users
(including root) before hanging.
-- 
Brian May <bam@debian.org>
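
Added example, not part of the original message: a small Python decoder for the two "Control Value" fields in the capture above. OID 1.2.840.113556.1.4.319 is the simple paged results control (RFC 2696), whose value is a BER SEQUENCE of an INTEGER size and an OCTET STRING cookie; the function and constant names are assumptions made for this example.

```python
# Added example: decode the paged results control values shown in the capture.
PAGED_RESULTS_OID = "1.2.840.113556.1.4.319"  # RFC 2696

# Control values copied from the capture (message 6 request and result).
REQUEST_VALUE = "3006020203E804000000"
RESPONSE_VALUE = "300502010004000000"


def _read_tlv(buf, pos):
    """Read one BER tag-length-value at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def decode_paged_results(hex_value):
    """Return (size, cookie) from a hex-encoded control value."""
    raw = bytes.fromhex(hex_value)
    # Both captured values carry two zero bytes after the SEQUENCE;
    # anything past the declared SEQUENCE length is ignored here.
    tag, seq, _ = _read_tlv(raw, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag, size_bytes, pos = _read_tlv(seq, 0)
    if tag != 0x02 or not size_bytes:
        raise ValueError("expected INTEGER size")
    tag, cookie, pos = _read_tlv(seq, pos)
    if tag != 0x04:
        raise ValueError("expected OCTET STRING cookie")
    if pos != len(seq):
        raise ValueError("unexpected data inside SEQUENCE")
    return int.from_bytes(size_bytes, "big", signed=True), cookie


if __name__ == "__main__":
    for label, value in (("request", REQUEST_VALUE), ("result", RESPONSE_VALUE)):
        size, cookie = decode_paged_results(value)
        print(f"{label}: size={size} cookie={cookie.hex() or '(empty)'}")
```

Decoded, the request asks for pages of 1000 entries, and the result carries an empty cookie, which under RFC 2696 means there are no further pages.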


