[Pkg-openldap-devel] Bug#584133: slapd: Fails to lookup client hostname in hosts.allow and rejects connection
Peter A. McGill
petermcgill at goco.net
Tue Jun 1 15:45:25 UTC 2010
Package: slapd
Version: 2.4.11-1+lenny1
Severity: normal
When attempting to connect to slapd with an ldap client, the connection
is refused. But if I add a slapd: 172.21. entry to hosts.allow the
problem is fixed. However hosts.allow already contains this matching
entry ALL: .goco.net sshd matches this line fine allowing me to login,
but slapd does not. DNS forward and reverse mapping tested and working.
hosts.allow:
ALL: 127.
ALL: .goco.net
identd: ALL
hosts.deny:
ALL: ALL
resolf.conf:
nameserver 127.0.0.1
ldapsearch -x
ldap_result: Can't contact LDAP server (-1)
syslog:
Jun 1 10:23:18 aragorn slapd[4443]: >>> slap_listener(ldap:///)
Jun 1 10:23:18 aragorn slapd[4443]: daemon: listen=9, new connection on
17
Jun 1 10:23:18 aragorn slapd[4443]: fd=17 DENIED from unknown
(172.21.3.65)
Jun 1 10:23:18 aragorn slapd[4443]: daemon: closing 17
-- System Information:
Debian Release: 5.0.4
APT prefers stable
APT policy: (990, 'stable'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.24-etchnhalf.1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages slapd depends on:
ii adduser 3.110 add and remove users and groups
ii coreutils 6.10-6 The GNU core utilities
ii debconf [debconf- 1.5.24 Debian configuration management sy
ii libc6 2.7-18lenny2 GNU C Library: Shared libraries
ii libdb4.2 4.2.52+dfsg-5 Berkeley v4.2 Database Libraries [
ii libgnutls26 2.4.2-6+lenny2 the GNU TLS library - runtime libr
ii libldap-2.4-2 2.4.11-1+lenny1 OpenLDAP libraries
ii libltdl3 1.5.26-4+lenny1 A system independent dlopen wrappe
ii libperl5.10 5.10.0-19lenny2 Shared Perl library
ii libsasl2-2 2.1.22.dfsg1-23+lenny1 Cyrus SASL - authentication abstra
ii libslp1 1.2.1-7.5 OpenSLP libraries
ii libwrap0 7.6.q-16 Wietse Venema's TCP wrappers libra
ii perl [libmime-bas 5.10.0-19lenny2 Larry Wall's Practical Extraction
ii psmisc 22.6-1 Utilities that use the proc filesy
ii unixodbc 2.2.11-16 ODBC tools libraries
Versions of packages slapd recommends:
pn libsasl2-modules <none> (no description available)
Versions of packages slapd suggests:
ii ldap-utils 2.4.11-1+lenny1 OpenLDAP utilities
-- debconf information:
slapd/password_mismatch:
slapd/tlsciphersuite:
slapd/invalid_config: true
shared/organization: london.goco.net
slapd/upgrade_slapcat_failure:
slapd/slurpd_obsolete:
slapd/backend: HDB
slapd/dump_database: when needed
slapd/allow_ldap_v2: false
slapd/no_configuration: false
slapd/move_old_database: true
slapd/suffix_change: false
slapd/dump_database_destdir: /var/backups/slapd-VERSION
slapd/purge_database: false
slapd/domain: london.goco.net
More information about the Pkg-openldap-devel
mailing list