On Thu, 19 Jul 2007, Rouven Sacha wrote: > Am Donnerstag, den 19.07.2007, 16:29 +0200 schrieb Rouven Sacha: >> A small update: >> >> the problem seems to disappear if i disable libnss-ldap in nsswitch.conf >> - which is no long term solution for me, unfortunately. > > Hi Folks, > > I managed to find a solution. It's a Debian Bug. libnss-ldap.conf has > permissions set to 0600, so Cyrus isn't able to access it and aborts. > Wonder why it doesn't do it at the first time, but nevertheless. > > The bug is described here: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376277 On a busy server, you'll want to run nscd to cache lookups anyways, and since nscd runs as root it won't have problems with 600 permissions. In general, libnss-ldap.conf may contains your ldap binddn and password so you wouldn't want it to be publicly readable. On a closed server this wouldn't matter much though. Andy ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
