On Mittwoch, 27. Februar 2008, Andreas Hasenack wrote:
On Ter, 2008-02-26 at 18:49 -0800, Kamil Kisiel wrote:
On Tue, Feb 26, 2008 at 8:03 AM, Andreas Hasenack
ahasenack@terra.com.br wrote:
On Seg, 2008-02-25 at 23:07 -0800, Kamil Kisiel wrote:
I'm using nss_ldap on a whole bunch of machines on the network, and while it works great most of the time, I continuously get errors in my syslog. A sampling from today (these are actually from different machines, but I have anonymized the hostnames to be the same.):
Feb 25 09:30:25 server.example.com sshd[17495]: nss_ldap: could not search LDAP server - Server is unavailable Feb 25 11:11:08 server.example.com -bash: nss_ldap: could not search LDAP server - Server is unavailable Feb 25 21:50:01 server.example.com automount[5030]: nss_ldap: could not search LDAP server - Server is unavailable Feb 25 21:55:16 server.example.com nscd: nss_ldap: could not search LDAP server - Server is unavailable
This happens with processes that do fork(). Samba is a great example. Newer versions of nss_ldap have this fixed (I can't precise which version right now).
I doubt this is the case, as I am currently running version 258. I've updated to the latest 259 just in case it does make a difference, but I didn't see anything in the changelog that seemed to indicate it would fix anything.
This is what I was thinking about: 257 Luke Howard lukeh@padl.com
* patch from Ralf Haferkamp <rhafer@suse.de>: block SIGPIPE in atfork handler
That patch had nothing to do with the above issue. Without the patch applications using nss_ldap sometimes just crashed silently after the fork. At least when SSL/TLS was enabled. The above logs could even be harmless I think, it might be that the LDAP server was just restarted or closed the connection because of an idletimeout. Very hard to say without really knowing under what circumstances that happened.
Anyway, you should probably take this to the nssldap@padl.com mailing list.
Yes, that would probably be better.