Re: nss_ldap and udevd

On Tuesday 28 February 2006 18:39, Alan Jones wrote:
> Hi All,
>
> I've got an openldap server authenticating with heimdal, connecting with
> SASL. After entering the kerberos information in pam.d and the ldap options
> in nsswitch.conf I can login to the machine using details from the ldap
> server and kerberos authentication.
>
> However when I reboot the machine udevd attempts to access the ldap server
> for nss_ldap. This has things trying to happen before udev has even created
> the dev nodes (at least for eth0 and the hard disk - I didn't check which
> ones actually were created before this), let alone allowing the eth0 to
> start first.
>
> Does anyone know how I can fix this and prevent udevd from trying to do
> ldap things?


The change that has occurred in my situation is that nss_ldap is now not 
failing over if the LDAP server is unavailable (or returning if there are no 
more ldap servers to try).

You don't give the nss_ldap version, but if it is 244 or later (well, the last 
version I have which did not have this problem was 239 ...), look at setting 
"bind_policy" to "soft" in nss_ldap's ldap.conf.

Regards,
Buchan

-- 
Buchan Milne
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)

pgpBpHwk3Rw8f.pgp
Description: PGP signature