nss_ldap broken with sshd on amd64 -stable

Sean McNeil sean at mcneil.com
Fri Jan 13 00:33:57 PST 2006


Just found that sshd and nss_ldap are broken with the latest version.
Reverting to NSS_LDAP_VERSION=239 restores functionality.

The problem I believe is with getpwuid(). It looks like it is returning
NULL.  I see:

login_get_lastlog: Cannot find account for uid X

from sshd.

I get the following additional errors with NSS_LDAP_VERSION=244:

sshd[]: nss_ldap: could not search LDAP server - Server is unavailable
sshd[]: fatal: login_get_lastlog: Cannot find account for uid 501
sshd[]: syslogin_perform_logout: logout() returned an error

Odd thing is, I see the following with 239:

sshd[]: nss_ldap: reconnecting to LDAP server...
sshd[]: nss_ldap: reconnected to LDAP server after 1 attempt(s)

with a successful login with sshd.

The only real difference I have in nss_ldap.conf from the standard is

bind_policy soft

Sean
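
A small diagnostic for the getpwuid() hypothesis in the message above, as an added example that is not part of the original post or of sshd/nss_ldap: it resolves a uid through NSS with getpwuid_r() and separates "no such account" from "the lookup itself failed", which plain getpwuid() collapses into one NULL. The function names, the fixed buffer size and the uid-from-argv convention are assumptions of this example.

```c
/* Added example (not from the post): assumes a POSIX libc with getpwuid_r(). */
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

enum lookup_result { LOOKUP_FOUND, LOOKUP_NO_ENTRY, LOOKUP_BACKEND_ERROR };

/* Per POSIX, getpwuid_r() returns an errno value on failure; 0 with a NULL
 * result means the lookup completed and no source had the uid. */
enum lookup_result classify(int rc, const struct passwd *res)
{
    if (rc != 0)
        return LOOKUP_BACKEND_ERROR;
    return res != NULL ? LOOKUP_FOUND : LOOKUP_NO_ENTRY;
}

/* Resolve uid through NSS; copy the login name out and report the raw rc. */
enum lookup_result lookup_uid(uid_t uid, char *name, size_t namelen, int *rc_out)
{
    struct passwd pw, *res = NULL;
    char buf[16384];            /* fixed buffer; ERANGE is reported as an error */
    int rc = getpwuid_r(uid, &pw, buf, sizeof buf, &res);
    if (rc_out != NULL)
        *rc_out = rc;
    if (namelen > 0)
        snprintf(name, namelen, "%s", (rc == 0 && res != NULL) ? res->pw_name : "");
    return classify(rc, res);
}

int main(int argc, char **argv)
{
    /* uid to test: argv[1] if given, otherwise the caller's own uid */
    uid_t uid = argc > 1 ? (uid_t)strtoul(argv[1], NULL, 10) : getuid();
    char name[256];
    int rc = 0;
    switch (lookup_uid(uid, name, sizeof name, &rc)) {
    case LOOKUP_FOUND:
        printf("uid %lu -> %s\n", (unsigned long)uid, name);
        return 0;
    case LOOKUP_NO_ENTRY:
        printf("uid %lu: no entry in any NSS source\n", (unsigned long)uid);
        return 1;
    default:
        printf("uid %lu: lookup failed: %s\n", (unsigned long)uid, strerror(rc));
        return 2;
    }
}
```

Running it with the uid from the sshd log line under each NSS_LDAP_VERSION shows whether the account lookup fails outside sshd as well.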
