Bug#782652: nslcd: Does not start at boot when uri set to DNS

[Arthur de Jong]

On Wed, 2015-04-15 at 18:36 +0200, أحمد المحمودي wrote:
> This bug might be related to #626603

It could be related. In general, if nslcd is started before DNS is
available, it can have issues with lookups. The DNS option for uri makes
this especially problematic because a DNS lookup is performed at
start-up (when reading the configuration file) to find the LDAP servers.

I'm not sure if the dependencies in the LSB headers in the init script
are correctly honoured by systemd and I've found that especially when
using network-manager DNS availability during boot it is very
undeterministic.

It would be nicer if nslcd could lookup the SRV records on the first
search (and possibly refresh them once in a while).

Patches welcome ;)

-- 
-- arthur - adej...@debian.org - http://people.debian.org/~adejong --


signature.asc
Description: This is a digitally signed message part

Bug#782652: nslcd: Does not start at boot when uri set to DNS

[أحمد المحمودي]

Package: nslcd
Version: 0.9.4-3
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages nslcd depends on:
ii  adduser3.113+nmu3
ii  debconf [debconf-2.0]  1.5.56
ii  libc6  2.19-17
ii  libgssapi-krb5-2   1.12.1+dfsg-19
ii  libldap-2.4-2  2.4.40-4

Versions of packages nslcd recommends:
ii  bind9-host [host]   1:9.9.5.dfsg-9
ii  host1:9.9.5.dfsg-9
ii  ldap-utils  2.4.40-4
ii  libnss-ldapd [libnss-ldap]  0.9.4-3
ii  libpam-ldapd [libpam-ldap]  0.9.4-3
ii  nscd2.19-17
ii  nslcd-utils 0.9.4-3

Versions of packages nslcd suggests:
pn  kstart  

-- Configuration Files:
/etc/network/if-up.d/nslcd changed:
if [ "$IFACE" = lo ] ; then
  exit 0
fi
/usr/bin/pgrep -f ^/usr/sbin/nslcd >/dev/null
if [ $? = 0 ]; then
  exit 0
fi
invoke-rc.d nslcd restart
exit 0


-- debconf information:
  nslcd/ldap-reqcert:
  nslcd/ldap-sasl-realm:
  nslcd/ldap-sasl-authcid:
* nslcd/ldap-starttls: false
  libraries/restart-without-asking: false
  nslcd/ldap-binddn:
  nslcd/xdm-needs-restart:
  nslcd/ldap-sasl-authzid:
  nslcd/restart-services:
  nslcd/disable-screensaver:
* nslcd/ldap-auth-type: none
  nslcd/ldap-cacertfile: /etc/ssl/certs/ca-certificates.crt
  nslcd/ldap-sasl-mech:
  nslcd/ldap-sasl-krb5-ccname: /var/run/nslcd/nslcd.tkt
* nslcd/ldap-uris: DNS
  nslcd/ldap-sasl-secprops:
  nslcd/restart-failed:
* nslcd/ldap-base: dc=varkon-sc,dc=com

-- 
 ‎أحمد المحمودي (Ahmed El-Mahmoudy)
  Digital design engineer
 GPG KeyID: 0xEDDDA1B7
 GPG Fingerprint: 8206 A196 2084 7E6D 0DF8  B176 BC19 6A94 EDDD A1B7


signature.asc
Description: Digital signature