[Pkg-openldap-devel] Bug#381788: 381788: slapd: TLS connections
fail when running as non-root
Adrian Bridgett
adrian at smop.co.uk
Sat Jan 13 22:47:15 CET 2007
On Sat, Jan 13, 2007 at 09:26:15 +0000 (+0000), adrian wrote:
> This post suggests an different workaround which I'll be trying:
> http://www.nabble.com/problem-to-startup-slapd-with-nss-enabled-and-local-ldap-server-t2501548.html
To follow up on that, the backport of libnss-ldap 251-7.1 by itself
doesn't fix the problem (the box is booted with init=/bin/sh thought
ATM so it's not a normal case!). However I don't think any trickery
with runlevels will help (which from what I see in the changelog might be
reverted anyhow).
Adding "nss_initgroups_ignoreusers root,openldap" to
/etc/ldap/ldap.conf didn't help, however adding it to
/etc/libnss-ldap.conf did indeed fix the problem :-)
/proc/<pid>/maps shows:
[heap]
/lib/ld-2.3.2.so
/lib/libcom_err.so.2.1
/lib/libnss_ldap-2.3.2.so
/lib/libwrap.so.0.7.6
/lib/tls/i686/cmov/libc-2.3.2.so
/lib/tls/i686/cmov/libcrypt-2.3.2.so
/lib/tls/i686/cmov/libdl-2.3.2.so
/lib/tls/i686/cmov/libm-2.3.2.so
/lib/tls/i686/cmov/libnsl-2.3.2.so
/lib/tls/i686/cmov/libnss_dns-2.3.2.so
/lib/tls/i686/cmov/libnss_files-2.3.2.so
/lib/tls/i686/cmov/libpthread-0.60.so
/lib/tls/i686/cmov/libresolv-2.3.2.so
[stack]
/usr/lib/i686/cmov/libcrypto.so.0.9.7
/usr/lib/i686/cmov/libssl.so.0.9.7
/usr/lib/ldap/back_hdb-2.3.so.0.2.17
/usr/lib/libdb-4.2.so
/usr/lib/libgcrypt.so.11.1.1
/usr/lib/libgnutls.so.11.1.16
/usr/lib/libgpg-error.so.0.1.3
/usr/lib/libgssapi_krb5.so.2.2
/usr/lib/libiodbcinst.so.2.1.11
/usr/lib/libiodbc.so.2.1.11
/usr/lib/libk5crypto.so.3.0
/usr/lib/libkrb5.so.3.2
/usr/lib/liblber-2.3.so.0.2.17
/usr/lib/liblber.so.2.0.130
/usr/lib/libldap_r-2.3.so.0.2.17
/usr/lib/libldap_r.so.2.0.130
/usr/lib/libltdl.so.3.1.0
/usr/lib/libsasl2.so.2.0.19
/usr/lib/libslp.so.1.0.0
/usr/lib/libtasn1.so.2.0.10
/usr/lib/libz.so.1.2.2
/usr/lib/sasl2/libsasldb.so.2.0.19
/usr/sbin/slapd
/var/lib/ldap/__db.001
/var/lib/ldap/__db.002
/var/lib/ldap/__db.003
/var/lib/ldap/__db.004
/var/lib/ldap/__db.005
[vdso]
HTH
Adrian
--
Adrian Bridgett - adrian at smop.co.uk
GPG key available on public key servers
More information about the Pkg-openldap-devel
mailing list