OpenLDAP and libnss conflict
Neil Joseph Schelly
neil.schelly at oasis-open.org
Thu May 22 00:15:16 CEST 2008
On Wednesday 21 May 2008 15:07, Alain Spineux wrote:
> I just understood slapd was segfaulting at startup !
> You never spoke about statup before !
> This would have helped a bit !
I'm sorry - I thought I was being clear.
> I thing that when slapd start, it call a function related to NSS and
> regarding
> the configuration in nsswitch.conf try to get the answer from LDAP that is
> not
> yet started !
It's not slapd that is loading NSS. The process is being loaded with an
identity and privileges, so NSS gets loaded by that.
> Maybe slapd need to know uid of kolab, kolab-s, kolab-r users and groups to
> start !
> Then you must configure your NSS to look first into your existing passwd
> and group file,
> or something like that.
It does check local files too, but that doesn't prevent it from loading the
necessary LDAP libraries for the NSS LDAP lookups.
> ldap_bind() is part of the LDAP api and should not be used by slapd
> and don't event exist in slapd. Then slapd could not "load" this "symbol"
> Why do you thing ldap_bind or any other functions part of the LDAP api
> is used by slapd
I picked an arbitrary function, not one that's necessary involved in either.
ldap_bind() is a function in libldap_r though, and as such it's compiled into
slapd.
--
Regards,
Neil Schelly
W: 978-667-5115 x213
M: 508-410-4776
Systems Administrator
OASIS http://www.oasis-open.org
"Advancing open standards for the information society"
More information about the users
mailing list