Bug 495515

Summary: [RHEL5] nscd periodically fails to resolve user name.
Product: Red Hat Enterprise Linux 5 Reporter: Orion Poplawski <orion>
Component: nss_ldapAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED CURRENTRELEASE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: low    
Version: 5.3CC: bgmilne, dpal, drepper, geert.nijpels, jakub, jmsavlen, jplans
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-07-02 16:56:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Orion Poplawski 2009-04-13 15:58:37 UTC 
Description of problem:

Periodically (once every couple of days) we see the following error on our webserver:

Apr 12 19:21:17 hawk sendmail[29409]: NOQUEUE: SYSERR(apache): /etc/mail/submit.cf: line 451: readcf: option TrustedUser: unknown user smmsp: No such file or directory
Apr 12 19:21:29 hawk sendmail[29410]: NOQUEUE: SYSERR(apache): /etc/mail/submit.cf: line 432: readcf: option RunAsUser: unknown user smmsp: No such file or directory
Apr 12 19:21:29 hawk sendmail[29410]: NOQUEUE: SYSERR(apache): can not write to queue directory /var/spool/clientmqueue/ (RunAsGid=0, required=51): Permission denied

This goes away if I stop running nscd.  Not sure how to proceed with debugging this...

Version-Release number of selected component (if applicable):
nscd-2.5-34
Comment 1 Buchan Milne 2009-06-26 09:17:26 UTC 
Are you using LDAP for system users or groups?

E.g., can you assist in eliminating nss_ldap as the cause of bug #429702 ?
Comment 2 Orion Poplawski 2009-06-26 15:20:54 UTC 
We are using LDAP, and I suspect nss_ldap is the cause, but it seems no one is willing to help debug nss_ldap.
Comment 3 Dmitri Pal 2010-07-01 17:38:59 UTC 
Do you still see the problem?
The smmsp account is usually a local one. Do you have it in LDAP too?

Can you please provide additional information about your configuration:
* /etc/ldap.conf
* nsswitch.conf

Does it happen with any other account?
Comment 4 Orion Poplawski 2010-07-01 22:17:51 UTC 
Actually, I haven't seen this since Sep 21 2009 which is around when we went to 5.4 (which we did on Sep 18 2009).  Perhaps that did it.

I don't have smmsp in LDAP.

I didn't see trouble with other users, but this is our web server and this would affect mail submission from squirrel mail.  Otherwise didn't see much user activity.

Feel free to close.
Comment 5 Dmitri Pal 2010-07-02 16:56:23 UTC 
Closing since the problem is not reproducible any more. See comment #4.