ports/91806 : net/nss_ldap broken with getpwuid*
Sean McNeil
sean at mcneil.com
Thu May 11 23:30:21 UTC 2006
The following reply was made to PR ports/91806; it has been noted by GNATS.
From: Sean McNeil <sean at mcneil.com>
To: Artem Kazakov <kazakov at gmail.com>
Cc: bug-followup at FreeBSD.org
Subject: Re: ports/91806 : net/nss_ldap broken with getpwuid*
Date: Thu, 11 May 2006 16:28:14 -0700
On Wed, 2006-05-10 at 23:01 -0700, Sean McNeil wrote:
> On Thu, 2006-05-11 at 14:15 +0900, Artem Kazakov wrote:
> > Hello!
> >
> > Sean McNeil <sean at mcneil.com>:
> > > Recent update of nss_ldap breaks getpwuid* routines. This is evident with sshd. Attempting to
> > >
> > > ssh localhost
> > > Password:
> > > Connection to localhost closed by remote host.
> > > Connection to localhost closed.
> > >
> > > sshd[]: nss_ldap: could not search LDAP server - Server is unavailable
> > > sshd[]: fatal: login_get_lastlog: Cannot find account for uid 501
> > >
> > > Reverting to previous version fixes the problem.
> >
> > Could you please check your nss_ldap.conf file?
> > It looks like, if you set
> > bind_policy soft
> > nss_ldap stops working. I do not know the details yet, but I faced the same problem.
> > If you change bind_poicy to hard (as it is by default) everything should work.
>
> Indeed, this is exactly the problem I have. Commenting out my setting
> of "bind_policy soft" allows ssh to function once again.
bind_policy hard is just unacceptable to me as it causes my system
startup to be horrendous. Playing around with nss_ldap.conf offered
another solution for me that works:
bind_policy soft
nss_connect_policy oneshot
For some reason, persistent connections is messing up sshd. I'm happy
with the oneshot, though, and I'll stick with these options.
Cheers,
Sean
More information about the freebsd-ports-bugs
mailing list