Bug 146279 - login of ldap users blocked until nscd restart
Summary: login of ldap users blocked until nscd restart
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: All Linux
Importance: High major
Assignee: Gentoo Toolchain Maintainers
Reported: 2006-09-04 08:47 UTC by Rodrigo Severo
Modified: 2008-07-31 01:24 UTC
Attachments
glibc-2.4-nscd-memsetsize.diff (glibc-2.4-nscd-memsetsize.diff,526 bytes, patch)
2006-09-04 12:39 UTC, SpanKY

Description Rodrigo Severo 2006-09-04 08:47:45 UTC
I have a few amd64 machines that after upgrading to sys-libs/glibc-2.3.6-r4 and now one x86 machine that after upgrading to sys-libs/glibc-2.4-r3 have nscd randomly crashing. Every time this happens I can't use my LDAP users on these machines.

After googling I found the following patch from Novell: <http://support.novell.com/techcenter/psdb/b066f2b70bb375a45c60369b6c7ed6da.html>.

I couldn't understand exactly what Novell has done but it might be related to this issue.

I can provide any extra info necessary. Please advise.

Here is the emerge --info of the x86 affected:
Portage 2.1-r2 (default-linux/x86/2006.0, gcc-4.1.1, glibc-2.4-r3, 2.6.17-gentoo-r7 i686)
=================================================================
System uname: 2.6.17-gentoo-r7 i686 AMD Athlon(tm) XP 2500+
Gentoo Base System version 1.12.4
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
app-admin/eselect-compiler: [Not Present]
dev-lang/python:     2.4.3-r1
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache:     [Not Present]
dev-util/confcache:  [Not Present]
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.59-r7
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2
sys-devel/binutils:  2.16.1-r3
sys-devel/gcc-config: 1.3.13-r3
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O3 -march=i686 -fomit-frame-pointer -pipe -DSAVING_ALWAYS_PERMIT"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo"
CXXFLAGS="-O3 -march=i686 -fomit-frame-pointer -pipe -DSAVING_ALWAYS_PERMIT"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig buildpkg distlocks fixpackages metadata-transfer sandbox sfperms strict"
GENTOO_MIRRORS="http://gentoo.ccccom.com http://gentoo.mirror.sdv.fr http://distro.ibiblio.org/pub/Linux/distributions/gentoo/ http://gentoo.osuosl.org/"
MAKEOPTS="-j5"
PKGDIR="/var/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage /usr/local/portage-fabrica"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 X a52 aac aalib alsa apache2 apm apng arts audiofile avi bitmap-fonts bzip2 bzlib cddb cdparanoia cdr cli crypt cups dbus dga dlloader dri dts dvd dvdr edl eds emboss encode faac faad fame ffmpeg flac foomaticdb fortran gd gdbm gif gimpprint gmp gpm gtk2 hal imagemagick imlib isdnlog jbig jng jpeg jpeg2k kde kdeenablefinal lcms ldap libcaca libg++ libwww live lzo mad matroska md5sum mikmod mjpeg mmx mng motif mp3 mpeg musepack musicbrainz ncurses nls nptl ogg oggvorbis opengl oss pam pcre pdflib perl png ppds pppd python qt qt3 qt4 quicktime readline real reflection samba sdl session sndfile speex spell spl ssl subversion svg svga tcpd tga theora tiff truetype truetype-fonts type1-fonts udev unicode usb vcd vorbis win32codecs wmf x264 xine xinerama xml xmms xorg xv xvid xvmc zlib elibc_glibc input_devices_keyboard input_devices_mouse kernel_linux userland_GNU video_cards_nv video_cards_vesa video_cards_vga video_cards_fbdev video_cards_radeon"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 SpanKY gentoo-dev 2006-09-04 12:39:55 UTC
Created attachment 96001 [details, diff]
glibc-2.4-nscd-memsetsize.diff

try this patch
Comment 2 Rodrigo Severo 2006-09-05 10:57:54 UTC
(In reply to comment #1)
> Created an attachment (id=96001) [edit]
> glibc-2.4-nscd-memsetsize.diff
> 
> try this patch

I am sorry for the delayed answer.

What is the best way for me to test this patch? I mean, what is the best (faster, easier, whatever) way to re-emerge glibc with this patch applied?

I'm sorry for the, probably, obvious question.
Comment 3 SpanKY gentoo-dev 2006-09-05 22:20:15 UTC
edit the glibc ebuild, go to the line with this:
gnuconfig_update

and add right above that:
epatch /path/to/the/nscd/patch

then emerge glibc
Comment 4 Rodrigo Severo 2006-09-06 06:38:42 UTC
I messed up my bug report. I upgraded one machine to glibc 2.4 and another one is having the nscd crash issue. I confused the two. I am sorry for the confusion.

I am right now upgrading the machine with the nscd issue to gcc 4.1.1 and glibc 2.4.

I am closing this bug as RESOLVED INVALID. I will reopen it if the upgraded machine shows the nscd issue, ok?
Comment 5 Rodrigo Severo 2006-09-11 09:11:06 UTC
(In reply to comment #1)
> Created an attachment (id=96001) [edit]
> glibc-2.4-nscd-memsetsize.diff
> 
> try this patch

After upgrading the affected machine to glibc 2.4 I still get login problems. I tried the mentioned patch and the problem remains (login of ldap users blocked).

nscd isn't crashing anymore but to reenable login of ldap users I still have to restart nscd.

My login problems started when I upgraded to a newer glibc release (newer than sys-libs/glibc-2.3.6-r4). At that time (still with glibc-2.3.6) nscd was crashing.

Now it isn't crashing but after some time up the login of ldap users is blocked. Restarting nscd reenables ldap login.

Shall I open a new bug and re-close this one?
Comment 6 Doug Goldstein (RETIRED) gentoo-dev 2006-09-29 14:50:56 UTC
Rodrigo: What are you getting in your syslog? How is your nsswitch setup? what do you have in /etc/openldap/ldap.conf?

I have several boxes in a similar situation and don't get nscd crashing and when I stop nscd, I can login just fine into those boxes.
Comment 7 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2006-09-29 14:54:33 UTC
spanky: nice going on that nscd patch. infra is affected by this problem on some boxes too. if nscd didn't crash, it did stop responding to lookups, so there is probably another bug lurking in it somewhere.
Comment 8 Rodrigo Severo 2006-09-29 15:04:36 UTC
(In reply to comment #6)
> Rodrigo: What are you getting in your syslog? 

Related to the issue at hand I believe the significant part is:

Sep 29 18:57:22 [sshd] nss_ldap: failed to bind to LDAP server ldap://auth.fabricadeideias.com: Can't contact LDAP server
Sep 29 18:57:22 [sshd] nss_ldap: reconnected to LDAP server ldaps://auth.fabricadeideias.com/

I get tons of it.

> How is your nsswitch setup?

The part different from regular setups is:

passwd:      files ldap
shadow:      files ldap
group:       files ldap

> what
> do you have in /etc/openldap/ldap.conf?

BASE         dc=fabricadeideias,dc=com
URI          ldaps://auth.fabricadeideias.com:636/
TLS_REQCERT  allow

> I have several boxes in a similar situation and don't get nscd crashing and
> when I stop nscd, I can login just fine into those boxes.

Right now I can't login at all if I stop nscd. After implementing my ldap login system I decided to start nscd to make some operations faster (like ls). I don't remember needing nscd to make login work.
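
An added example (not part of the bug thread, and not Gentoo, glibc or nss_ldap code) that audits the `ldap.conf` and syslog excerpts quoted in comment 8: `TLS_REQCERT allow` lets the session continue when the server presents a bad certificate, and the failed bind goes to an `ldap://` URI, a scheme the quoted file does not configure. The function names are chosen for this example.

```python
import re
from urllib.parse import urlsplit

# Both samples are copied from comment 8 (the wrapped syslog line is rejoined).
LDAP_CONF = """\
BASE         dc=fabricadeideias,dc=com
URI          ldaps://auth.fabricadeideias.com:636/
TLS_REQCERT  allow
"""
SYSLOG = """\
Sep 29 18:57:22 [sshd] nss_ldap: failed to bind to LDAP server ldap://auth.fabricadeideias.com: Can't contact LDAP server
Sep 29 18:57:22 [sshd] nss_ldap: reconnected to LDAP server ldaps://auth.fabricadeideias.com/
"""

# ldap.conf(5): with these levels a bad server certificate does not end the session.
ACCEPTS_BAD_CERT = {"never", "allow"}
BIND_FAIL = re.compile(r"nss_ldap: failed to bind to LDAP server (\S+): ")

def parse_ldap_conf(text):
    """Return {OPTION: [values]}; option names are case-insensitive, '#' starts a comment line."""
    opts = {}
    for line in text.splitlines():
        fields = line.strip().split(None, 1)
        if len(fields) == 2 and not fields[0].startswith("#"):
            opts.setdefault(fields[0].upper(), []).append(fields[1].strip())
    return opts

def audit_conf(text):
    """List settings that weaken the TLS protection of the LDAP connection."""
    opts, findings = parse_ldap_conf(text), []
    for level in opts.get("TLS_REQCERT", []):
        if level.lower() in ACCEPTS_BAD_CERT:
            findings.append(f"TLS_REQCERT {level}: a bad server certificate is accepted")
    for uri in " ".join(opts.get("URI", [])).split():
        if urlsplit(uri).scheme.lower() == "ldap":
            findings.append(f"URI {uri}: cleartext unless StartTLS is negotiated")
    return findings

def bind_failures_outside_config(conf_text, log_text):
    """Failed-bind URIs whose scheme the audited file never configures."""
    uris = " ".join(parse_ldap_conf(conf_text).get("URI", [])).split()
    configured = {urlsplit(u).scheme.lower() for u in uris}
    tried = BIND_FAIL.findall(log_text)
    return [u for u in tried if urlsplit(u).scheme.lower() not in configured]

if __name__ == "__main__":
    print(audit_conf(LDAP_CONF))
    print(bind_failures_outside_config(LDAP_CONF, SYSLOG))
```

Setting `TLS_REQCERT demand` (the OpenLDAP default), with the issuing CA configured through `TLS_CACERT`, clears the first finding.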

Comment 9 Stephane Pointu 2006-10-06 02:42:03 UTC
I solved a similar problem by creating /var/db/nscd
This folder does not exist and is needed in case LDAP is not available.
Comment 10 Rodrigo Severo 2006-10-09 04:49:04 UTC
(In reply to comment #9)
> I solved a similar problem by creating /var/db/nscd
> This folder does not exist and is needed in case LDAP is not available.

I created this folder in one of my problematic machines. No change.

It's important to mention that I have problems logging in as users defined in LDAP even when LDAP *is* available.
Comment 11 Mark Loeser (RETIRED) gentoo-dev 2008-07-31 01:24:22 UTC
Asked robin and this seems to have worked itself out.