On Mon, 2007-11-05 at 12:01 -0500, Steve Langasek wrote: > > Have you tried replacing libnss-ldap with libnss-ldapd (only > > available in testing/unstable) ? > > The bug submitter is the maintainer and author of nss-ldapd, so I > suspect he may have done so ;) > > But you didn't send your message to the bug submitter. Forwarding > now.
Thanks. I will plug nss-ldapd a little more now ;-) Yes I'm using nss-ldapd now and it solves this particular problem pretty well. It also solves some other problems because of a much simpler architecture. The ldapsearch command would now do something like: ldapsearch |- NSS host lookup for LDAP server | \- send request to nslcd -> nslcd | \- does LDAP lookup for hostname \- does LDAP search So only one instance of OpenLDAP is active in each application which simplifies things greatly. Due to the architecture change and some refactoring I was also able to reduce the amount of code by 50%. The downside is that nss-ldapd is not yet as stable as nss_ldap. A memory leak has been reported (#447997) that seems to not have been fully dealt with at this time and nss-ldapd has obviously not had as much in-the-field testing as nss_ldap. Back to the bugreport. I'm not really sure if bug #340601 is really a bug in OpenLDAP. I think there is some locking done in OpenLDAP that is not strictly necessary on glibc but this is based on an examination of the source code I did a year ago so take it with a grain of salt. -- -- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part