From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040808 Firefox/0.9.3 Description of problem: When i tried to install postgressql-server the creation of the postgres user would fail, rendering the postgresql-sever instalation unuseful. If nscd service is stoped the problem can not be reproduced, that's why i think its a nscd issue. Version-Release number of selected component (if applicable): nscd-2.3.3 from glibc-2.3.3-27.src.rpm How reproducible: Always Steps to Reproduce: 1. Use LDAP authentication 2. Enable NSCD caching 3. Install postgresql-server on a clean instalation. (the whole point is that the postgres user must no existe yet). Actual Results: rpm complains that user postgres does no exist and uses root as default. Big no no. Expected Results: Clean rpm exit Additional info: Using LDAP authetication Enabling nscd cache (if not the 40 clients en up hanging the master server)
Please do the following: ~ start with a clean slate ~ stop nscd ~ run, by hand as root /usr/sbin/nscd -d -d -d this won't terminate ~ in another terminal perform the installation Attach the output of the nscd run to this bug.
Created attachment 104880 [details] nscd -d -d -d output when installing postgresql-server
It's now some time ago, that the bug was reported and the bug still is alive! I have it on FC3 as well on my FCDevel Box. I also received a mail mentioning this: nscd in FC has been patched to prune the password, group and hosts caches when it receives a SIGHUP, and shadow-utils has been patched to HUP nscd on relevant operations. http://cvs.fedora.redhat.com/viewcvs/devel/glibc/glibc-fedora.patch? rev=.&view=auto http://cvs.fedora.redhat.com/viewcvs/devel/shadow-utils/shadow-4.0.3- nscd.patch?rev=.&view=auto There was a bug at FC2'ish time where the nscd pid file had moved so that the HUP never happened. But that was fixed last year... https://bugzilla.redhat.com/125421
More Info: My versions: glibc-2.3.5-6 nscd-2.3.5-6 shadow-utils-4.0.7-7 Example: rpm -Uvh test-0.1-1.i386.rpm Preparing... ########################################### [100%] 1:test warning: group test does not exist - using root3%) ########################################### [100%] warning: group test does not exist - using root rpm -qp --scripts test-0.1-1.i386.rpm preinstall scriptlet (using /bin/sh): groupadd -r test >/dev/null 2>&1 postuninstall scriptlet (using /bin/sh): groupdel test >/dev/null 2>&1
LDAP does not seem to play a part in this, so adjusting summary. Anyway, this problem has resurfaced in FC4t3 (it doesn't occur in FC3). Reproducer (no LDAP configured, just using OOTB FC4t3 configuration): # /etc/init.d/nscd start # /usr/sbin/useradd test # /usr/sbin/userdel test userdel: user test does not exist # /usr/sbin/nscd -i passwd # /usr/sbin/userdel test # (works) I straced useradd, and it does not appear to look for the nscd PID file in order to HUP it any more. So probably this is a shadow-utils bug, dunno. No messages in syslog or audit.log.
This is a bug in shadow-utils. It seems 4.0.7 now instead of HUPing nscd connects to its socket directly and requests invalidation. But, nscd almost 2 years ago changed the location of its socket.
Created attachment 114666 [details] shadow-4.0.7-nscd-socket-path.patch Untested fix. I think this ought to be fixed for FC4, it is a regression from FC3.