Re: LDAPs causing System Message Bus to hang when there's no network

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Thu, 28 Apr 2011, Mattias Geniar wrote:

>> Did you include nss_initgroups_ignoreuser in your /etc/ldap.conf?
>>
>> nss_initgroups_ignoreusers root,ldap
>>
>> Brgds
>
> Hi Benjamin,
>
> I tried that, but that just makes it hang upon the next service trying
> to start (in our case: a zabbix monitoring daemon running as
> zabbix/zabbix).
>
> It works, if I include the entire list of all "local" users/groups that
> can be ignored. However, that's not feasible when doing mass-deploys on
> varied systems.
>
> If there's a way to simply say "ignore all users with UID's < 500" that
> could be a work-around I can live with, but it doesn't appear there is.

I'd hope you'd see these problems almost entirely go away in future with a
switch to sssd rather than nss_ldap, as it makes the whole process a lot more
stateful and aware of what's going on.

Having an rc.local that does an nsswitch.conf twiddle is probably a viciously
robust way of dealing with this problem...

jh
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux