On 26.4.2011, at 15.44, Wietse Venema wrote: >> However, for mail that originates on the mail host, e.g. by mail(1), >> when an LDAP outage causes local users to disappear (getent passwd >> username returns no results with exit code 2) local bounces the mail as >> user unknown. While this is not surprising behaviour, it is not the >> desired behaviour, either. > > This is a bug in the SYSTEM NSS LDAP client. The SYSTEM NSS LDAP > client works incorrectly: when the LDAP server fails to respond, > the SYSTEM NSS LDAP client returns a NOTFOUND result.
Just wondering: Is it really the nss-ldap code that is buggy or just the libc's getpwnam() call that is fundamentally broken? I recently changed Dovecot to use getpwnam_r() instead, since it allows proper error checking.
