Bug#484798: libnss-ldapd: Lookups fail when the a failover condition occurs

2008-06-06 Thread Arthur de Jong 
merge 484798 474178
thanks

On Fri, 2008-06-06 at 16:55 +0200, Bernhard Schmidt wrote:
> libnss-ldapd is configured to lookup multiple servers
[...]
> If a server is unavailable at startup it can step through the server
> list just fine until it finds a working node
[...]
> However, when a once working node fails (e.g. is shutdown) nslcd
> breaks (it was connected to a local replicate on 127.0.0.1)
[...]
> ldap_result() failed: Can't contact LDAP server
> ldap_abandon() failed to abandon search: Other (e.g., implementation 
> specific) error

There is a known issue with detecting failures with open connections
(see #474178). This is most likely the same problem here so I'm merging
these bugs.

A new release is in the making that fixes this bug.

Thanks for using nss-ldapd.

-- 
-- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --


signature.asc
Description: This is a digitally signed message part

Bug#484798: libnss-ldapd: Lookups fail when the a failover condition occurs

2008-06-06 Thread Bernhard Schmidt 
Package: libnss-ldapd
Version: 0.6.2
Severity: important


libnss-ldapd is configured to lookup multiple servers

uri ldap://127.0.0.1
uri ldap://192.168.1.1
uri ldap://192.168.1.2

If a server is unavailable at startup it can step through the server list
just fine until it finds a working node

nslcd[8304]: version 0.6.2 starting
nslcd[8304]: accepting connections
nslcd[8304]: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP 
server: Transport endpoint is not connected
nslcd[8304]: failed to bind to LDAP server ldap://192.168.1.1/: Can't contact 
LDAP server: Transport endpoint is not connected
nslcd[8304]: connected to LDAP server ldap://192.168.1.2/

However, when a once working node fails (e.g. is shutdown) nslcd breaks (it
was connected to a local replicate on 127.0.0.1)

svr01:~# id schuell
uid=1003(schuell) gid=100(users) groups=100(users),500(wheel)
svr01:~# /etc/init.d/slapd stop
Stopping OpenLDAP: slapd.
svr01:~# id schuell
id: schuell: No such user

Logfile messages:

ldap_result() failed: Can't contact LDAP server
ldap_abandon() failed to abandon search: Other (e.g., implementation specific) 
error
ldap_result() failed: Can't contact LDAP server
ldap_abandon() failed to abandon search: Other (e.g., implementation specific) 
error

Works fine again immediately after the LDAP server becomes available again
(slapd is restarted) or nslcd is restarted.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages libnss-ldapd depends on:
ii  debconf [debconf-2.0]1.5.22  Debian configuration management sy
ii  libc62.7-10  GNU C Library: Shared libraries
ii  libkrb53 1.6.dfsg.3-2MIT Kerberos runtime libraries
ii  libldap-2.4-22.4.7-6.3   OpenLDAP libraries
ii  libsasl2-2   2.1.22.dfsg1-20 Cyrus SASL - authentication abstra

Versions of packages libnss-ldapd recommends:
ii  libpam-ldap   184-4  Pluggable Authentication Module al
ii  nscd  2.7-10 GNU C Library: Name Service Cache 

-- debconf information excluded



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]