kern/64788: nsswitch with ldap and starting ppp on boot gives errors

[Antoine Jacoutot]

>Number:         64788
>Category:       kern
>Synopsis:       nsswitch with ldap and starting ppp on boot gives errors
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 26 14:50:20 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Antoine Jacoutot
>Release:        FreeBSD 5.2.1-RELEASE-p3 i386
>Organization:
NONE 
>Environment:


System: FreeBSD 5.2.1-RELEASE-p3 #0: Thu Mar 18 16:40:16 CET 2004
    root at bsdbox.lphp.local:/usr/obj/usr/src/sys/BSDBOX



>Description:


When using ldap as an authentication mechanism (pam_ldap) and nss_ldap for user info, starting ppp automatically on boot gives the following error:
kernel su: NSSWITCH(nss_method_lookup): ldap, group, setgrent, not found
kernel su: NSSWITCH(nss_method_lookup): ldap, group, getgrent_r, not found
kernel su: NSSWITCH(nss_method_lookup): ldap, group, endgrent, not found

This is due to the fact that /etc/rc.d/ppp-user launches the following command:
su -m ${ppp_user} -c "exec ${ppp_command}"

And at this time, the ldap server is not started yet which means nsswitch cannot access it (for "su" infos).
Note that it does not avoid the connexion to be established (if ppp-user is root), so this might be more a cosmetic fix than a real problem, but I still it should be fixed though.


>How-To-Repeat:


Install and configure pam_ldap and nss_ldap for authentication and start ppp on boot (in rc.conf).


>Fix:


Make sure the ldap server (slapd) is started BEFORE ppp.


>Release-Note:
>Audit-Trail:
>Unformatted: