Updated computers to current Rawhide and broke NFS & NSS/LDAP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I've just sync'd three of my computers to Rawhide, and NFS and LDAP are
now broken on each.

I get the following when I do a 'service nfs start':

Starting NFS services:                                     [  OK  ]
Starting NFS quotas: get_myaddress: getifaddrs: Bad address
                                                           [FAILED]
Starting NFS daemon:                                       [  OK  ]
Starting NFS mountd: get_myaddress: getifaddrs: Socket operation on non-
socket
                                                           [FAILED]


I'd been following Rawhide on my laptop, and everything was seeming
stable, so I decided to update two of my servers...  Since my laptop
only mounts NFS and doesn't serve up any shares, of course I didn't
notice the NFS problems till too late.

My primary server, germ, which provides LDAP & Kerberos to the other
computers, is having problems with nss_ldap authenticating as the binddn
in /etc/ldap.conf to the localhost slapd for NSS info.  When users try
to log into germ, NSS doesn't work for them.  When logged in as root, it
has no problem authenticating as rootbinddn with the password
in /etc/ldap.secret.

In my logs the following errors have started to appear in various forms:

Sep 28 21:45:05 germ crond[3652]: nss_ldap: reconnecting to LDAP
server...
Sep 28 21:45:05 germ crond[3653]: nss_ldap: reconnected to LDAP server
after 1 attempt(s)

Sep 28 21:47:19 germ saslauthd[2303]: auth_krb5:
krb5_get_init_creds_password
Sep 28 21:47:19 germ saslauthd[2303]: do_auth         : auth failure:
[user=ldap] [service=ldap] [realm=] [mech=kerberos5] [reason=saslauthd
internal error]

When I run 'testsaslauthd -u ldap -s ldap -p secret' (which is how
binddn and bindpw try to authenticate in /etc/ldap.conf), it says
"Success!"

In /var/log/slapd, I'm gettin things like:

Sep 28 19:27:20 germ slapd[5280]: connection_input: conn=8 deferring
operation: binding
Sep 28 19:27:20 germ slapd[5280]: conn=8 op=2 BIND
dn="uid=ldap,ou=Users,dc=hackunix,dc=org" method=128
Sep 28 19:27:20 germ slapd[5280]: SASL [conn=8] Error: unable to open
Berkeley db /etc/sasldb2: No such file or directory
Sep 28 19:27:20 germ last message repeated 2 times

I wish I could be less vague...  But I'm not able to figure out much
more than what I've just said.  I'm digging everywhere, trying to figure
out what changed that broke these two ever important functionalities.

I know my way around my systems...  I configured this tangled mess of
LDAP + Kerberos + SASL + NSS/PAM + NFS in the first place...

I've done 'find / -name *.rpmsave' and 'find / -name *.rpmnew' and
compared all the changes...  Everything seems fine.

Any ideas?  What's up with NFS?  And why can root do nss_ldap, but not
users?

Thanks much,

Derek P. Moore
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux