Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 168474 Details for
Bug 222693
net-nds/openldap-2.3.41: slapd takes a long time to start when "group:" line in nsswitch.conf file includes "ldap"
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Test case for bug 222693
222693-1.txt.txt (text/plain), 16.03 KB, created by
Andrei Iordache
on 2008-10-14 19:39:48 UTC
(
hide
)
Description:
Test case for bug 222693
Filename:
MIME Type:
Creator:
Andrei Iordache
Created:
2008-10-14 19:39:48 UTC
Size:
16.03 KB
patch
obsolete
>CASE 1: > >passwd: ldap >shadow: files >group: files > > # /usr/lib/openldap/slapd -d 256 -u ldap -g ldap -l daemon >@(#) $OpenLDAP: slapd 2.3.43 (Sep 7 2008 03:36:13) $ > root@gentoo.home:/var/tmp/portage/net-nds/openldap-2.3.43/work/openldap-2.3.43/servers/slapd >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_err2string >No passwd entry for user ldap < == HERE IT IS > >Slapd DOES NOT start. IT takes 15 seconds to give up. > > >CASE 2: > >passwd: ldap >shadow: ldap >group: files > >Exactly the same as Case 1. > >CASE 3: > >passwd: ldap >shadow: ldap >group: ldap > >Exactly the same as Case 1. > >CASE 4: > >passwd: files >shadow: ldap >group: ldap > ># /usr/lib/openldap/slapd -d 256 -u ldap -g ldap -l daemon >@(#) $OpenLDAP: slapd 2.3.43 (Sep 7 2008 03:36:13) $ > root@gentoo.home:/var/tmp/portage/net-nds/openldap-2.3.43/work/openldap-2.3.43/servers/slapd >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_err2string >No group entry for group ldap < == HERE IT IS > >Slapd DOES NOT start. IT takes 15 seconds to give up. > >CASE 5: > >passwd: files >shadow: files >group: ldap > > >Exactly the same as Case 4. > >CASE 6: > >passwd: files >shadow: files >group: files > ># /usr/lib/openldap/slapd -d 256 -u ldap -g ldap -l daemon >@(#) $OpenLDAP: slapd 2.3.43 (Sep 7 2008 03:36:13) $ > root@gentoo.home:/var/tmp/portage/net-nds/openldap-2.3.43/work/openldap-2.3.43/servers/slapd >slapd starting > >It starts instantaneously. Of course, nothing is being looked up in LDAP. > >CASE 7: > >passwd: files [SUCCESS=return] ldap [UNAVAIL=return] >shadow: files >group: files > ># /usr/lib/openldap/slapd -d 256 -u ldap -g ldap -l daemon >@(#) $OpenLDAP: slapd 2.3.43 (Sep 7 2008 03:36:13) $ > root@gentoo.home:/var/tmp/portage/net-nds/openldap-2.3.43/work/openldap-2.3.43/servers/slapd >slapd starting > >It starts instantaneously. BINGO! It performs as expected, because I DO have the ldap user in /etc/passwd: > ># cat /etc/passwd | grep ldap >ldap:x:439:439:added by portage for openldap:/usr/lib/openldap:/usr/sbin/nologin > >CASE 8: > >passwd: files [SUCCESS=return] ldap [UNAVAIL=return] >shadow: files [SUCCESS=return] ldap [UNAVAIL=return] >group: files > >Exactly as Case 8. Expected, because the password it's probably not even looked up in the shadow file. > >CASE 9: > >passwd: files [SUCCESS=return] ldap [UNAVAIL=return] >shadow: files [SUCCESS=return] ldap [UNAVAIL=return] >group: files [SUCCESS=return] ldap [UNAVAIL=return] > ># /usr/lib/openldap/slapd -d 256 -u ldap -g ldap -l daemon >@(#) $OpenLDAP: slapd 2.3.43 (Sep 7 2008 03:36:13) $ > root@gentoo.home:/var/tmp/portage/net-nds/openldap-2.3.43/work/openldap-2.3.43/servers/slapd >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_err2string >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_create >ldap_url_parse_ext(ldap://127.0.0.1/) >ldap_simple_bind >ldap_sasl_bind >ldap_send_initial_request >ldap_new_connection 1 1 0 >ldap_int_open_connection >ldap_connect_to_host: TCP 127.0.0.1:389 >ldap_new_socket: 9 >ldap_prepare_socket: 9 >ldap_connect_to_host: Trying 127.0.0.1:389 >ldap_connect_timeout: fd: 9 tm: 30 async: 0 >ldap_ndelay_on: 9 >ldap_is_sock_ready: 9 >ldap_is_socket_ready: error on socket 9: errno: 111 (Connection refused) >ldap_close_socket: 9 >ldap_err2string >ldap_unbind >ldap_err2string >slapd starting > >Whoops. This is like no case before. IT takes 30 SECONDS BUT it starts. It looks as if it's looking in the files AFTER the LDAP times out (of course it times out, it's not started yet). The point is that it seems that nss_ldap it's not respecting the order specified on the group line. It says files first, and then ldap. It looks as if nss_ldap looks into LDAP first and then in the files. Does it not? > > >In your last comment you say: > >>> On the other hand if I change in /etc/nsswitch.conf as following: >>> passwd: files ldap >>> shadow files ldap >>> group: files >>> then slapd starts instantly without problems. >> >>This means that there are two groups that your system is trying to do a lookup >>of, and /etc/groups doesn't contain them, so it goes to LDAP. > >How can it look for the group information in LDAP if the group line in nsswitch.conf contains only 'files'? Shouldn't it ONLY look in the passwd file in that case? > >Please let me know if this proof is not sufficient and I'll try to recompile nss_ldap with USE=debug to see what I can figure that way, but I'm not that good with programming and debugging. I'll try my best though. >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 222693
: 168474