Summary: | nss_ldap with nptl overloads ldap server | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Brad Schuetz <brad> |
Component: | Current packages | Assignee: | Robin Johnson <robbat2> |
Status: | RESOLVED WORKSFORME | ||
Severity: | critical | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Brad Schuetz
2004-06-03 14:16:43 UTC
More information on this issue. Adding the hosts entry just delayed the problem for a while, it still happens after a few hours. Furthermore, after recompiling glibc (and several applications) to remove nptl the issue still appears so now I'm not sure where the problem comes from. are you using nscd? if not, turn it on. i'll see if i can get a chance to put together an ebuild with the patches for testing only, although i'm wondering why upstream didn't merge them after they said they would. Yes, running nscd. It doesn't help the problem. It is interesting that even when running nscd, other processes still show connections to ldap (seen via lsof). I'm not sure if this is supposed to happen or not. Programs like ssh, postfix, apache, etc, all show connections to port 389. On this server the only thing LDAP is used for is for user lookups via nss_ldap and authentication via pam_ldap. To keep things stable I've added the option "idletimeout 7200" to the slapd.conf on the server so that it kills off the extra connections. Also, at this time I'm believing that nptl was not to blame for the problem and the problems I was seeing just happened to be the same as in that email on the kernel list. Could be that the patch was applied to the main tree? upgrade to the latest nss_ldap-22[06]. if this is still a problem after that, re-open. |