On Wed, 2009-12-09 at 15:02 +0100, Petter Reinholdtsen wrote: > [Arthur de Jong] > > Thanks for reporting this. Just to be clear, you are seeing this > > with libnss-ldapd 0.6.7.1 and 0.7.1? > > I'm seing this with version 0.7.1 backported to Lenny. I suspect it > also was in 0.6.7.1, but did not really investigate that, as I > upgraded libnss-ldapd to see if it would give me quicker login and > then started looking into the problem when it didn't.
Sorry to not get back to you sooner but this is a difficult one to track down. Could you check to see if this problem is also in libnss-ldapd 0.6.7.1? > > Can you also reproduce this with just 'getent group' (or id -a user)? > > Nope. Those do not cause nscd to crash. > > > Does it make a difference if nscd is running or not? > > Both those commands behave the same with nscd running and not. Are there any problems with logging in via SSH with nscd not running? What version of libc and nscd are you running? > > Does cleaning the nscd cache make a difference (nscd -i passwd; nscd > > -i group)? > > The crash still happened after I ran these two commands before > starting nscd using valgrind. > > > If this is a problem with the communication between nscd and the NSS > > module, recompiling the NSS module with -DDEBUG_PROT (and maybe even > > -DDEBUG_PROT_DUMP) could give a lot more details. Warning: this > > causes every command that does NSS lookups (through LDAP) to output > > a lot of debugging information. > > I am reluctant to enable that much debugging with 8000 file groups in > LDAP. :/ Another way to do this is to use LD_PRELOAD: LD_PRELOAD=/usr/src/nss-pam-ldapd/nss/nss_ldap.so nscd -d > Anyway, I gave it a try and was flodded with messages. No idea which > one are relevant, and ran out of time to debug any further. Not sure > if it would crash either, as I had to kill the process before I run to > install a version without so much noise. Could you clear the nscd cache (stop nscd, clear files under /var/cache/nscd) and run both nscd and nslcd in debug mode to see which NSS queries are performed during an SSH login? I suspect this may be a problem in nscd somewhere but I've also seen other strange crashes in nscd in the past with corrupted cache files. -- -- arthur - [email protected] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part
