Andy Harrison wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/10/07, Craig White wrote:
As for 'critical apps that require' nscd...I don't personally know of
any and if we are talking about CentOS-5 which has 2.3.27 version of
openldap...the 2.3.x versions are very fast and I'm not certain that
nscd is of all that much benefit (but I don't know because I have never
tested it out).
Can CentOS (openldap) be configured to work without nscd for file
ownership over nfs mounted volumes?
- --
Andy Harrison
Problem solved (kind of). Openldap was working for logins, but not for
launching certain apps, that's why nscd was installed. Launching acroread
with strace showed the following.
<snip>
[2]$ strace /usr/local/Adobe/Acrobat7.0/bin/acroread 2>&1|tee| grep nss
open("/etc/nsswitch.conf", O_RDONLY) = 4
read(4, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1658
open("/usr/local/Adobe/Acrobat7.0/Reader/intellinux/lib/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib64/tls/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib64/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/tls/i686/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/tls/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/i686/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libnss_files.so.2", O_RDONLY) = 4
open("/usr/local/Adobe/Acrobat7.0/Reader/intellinux/lib/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib64/tls/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib64/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/tls/i686/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/tls/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/i686/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/i686/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/tls/i686/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/tls/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/i686/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/i686/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/libnss_ldap.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
</snip>
With the i386 libs for ldap installed acroread along with other programs were able to get
their user id authentication and run properly, therefore nscd was no longer needed.
This did not solve the mystery of why nscd was dying, just eliminated the need for it.
Here is part of the strace on nscd (4096 is the pid). There is a lot of stuff above this,
but the end where is segfaults always looks pretty much the same.
<snip>
geteuid32() = 430
open("/etc/passwd", O_RDONLY) = 4
fcntl64(4, F_GETFD) = 0
fcntl64(4, F_SETFD, FD_CLOEXEC) = 0
fstat64(0x4, 0xffffcd2c) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0x1000) = 0xfffffffff7429000
read(4, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 1946
read(4, "", 4096) = 0
close(4) = 0
munmap(0xf7429000, 4096) = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
exit_group(1) = ?
Process 27033 detached
</snip>
Haven't tested to see if the i386 libnss_ldap fixed the nscd issue.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos