FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 04-28-2011, 02:21 PM
"Mattias Geniar"
 
Default LDAPs causing System Message Bus to hang when there's no network

Hi Everyone,

I'm experiencing the following problem, for which I've not yet found a
resolution. It's been discussed elsewhere, but unfortunately nothing
actually solves it.

Here's my /etc/ldap.conf file:
#################
ldap_version 3
base ou=people,o=xxx
uri ldaps://server1.domain.be/ ldaps://server2.domain.be/
bind_policy soft
scope sub
timelimit 3
bind_timelimit 5
idle_timelimit 120
referrals no
ssl start_tls
ssl on
tls_checkpeer yes
tls_cacertdir /etc/openldap/cacerts
#################

And the relevant nsswitch:
#################
passwd: files ldap
shadow: files ldap
group: files ldap
#################

So that's pretty straight forward. My LDAP systems are running fine, and
I can authenticate to them.

However, the problem: when the client boots *without network
connectivity*, the server gets stuck/hangs at "Start System Message
Bus". I've tracked this down to the following known bug in Redhat, but
it dates back to early 2010.
https://bugzilla.redhat.com/show_bug.cgi?id=182464#c46

The solution works: if I comment out the "group" from nsswitch to only
load from "files" and not from "ldap", it works and the system boots.
However, since most systems (and that includes ours) uses groups for
management, that's not a viable option.

We're running the very latest 5.6 with all packages (only from the
CentOS repo's) up-to-date.

Has anyone else ever solved this to still be able to keep the group ldap
entry in nsswitch.conf without having a server hang on boot if there's
no network?

Regards,
Mattias
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 09:02 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org