Bug 221715 - openldap server take several minutes to start
openldap server take several minutes to start
Status: CLOSED INSUFFICIENT_DATA
Product: Fedora
Classification: Fedora
Component: openldap (Show other bugs)
6
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Jan Safranek
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-01-06 11:48 EST by Henrik Persson
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-21 05:00:26 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Henrik Persson 2007-01-06 11:48:37 EST
Description of problem:
The openldap server takes several minutes to start on machines where nss_ldap is
used with localhost as LDAP server.

The following entrys is shown i /var/log/messages:
Jan  6 12:43:17 lillen runuser: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Jan  6 12:43:17 lillen runuser: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Jan  6 12:43:17 lillen runuser: nss_ldap: reconnecting to LDAP server (sleeping
4 seconds)...
Jan  6 12:43:21 lillen runuser: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Jan  6 12:43:21 lillen runuser: nss_ldap: reconnecting to LDAP server (sleeping
8 seconds)...
Jan  6 12:43:29 lillen runuser: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Jan  6 12:43:29 lillen runuser: nss_ldap: reconnecting to LDAP server (sleeping
16 seconds)...
Jan  6 12:43:45 lillen runuser: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Jan  6 12:43:45 lillen runuser: nss_ldap: reconnecting to LDAP server (sleeping
32 seconds)...
Jan  6 12:44:17 lillen runuser: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Jan  6 12:44:17 lillen runuser: nss_ldap: reconnecting to LDAP server (sleeping
64 seconds)...
Jan  6 12:45:21 lillen runuser: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Jan  6 12:45:21 lillen runuser: nss_ldap: could not search LDAP server - Server
is unavailable

It looks like runuser, which is used to start slapd, needs slapd to be running.
Catch 22.



Version-Release number of selected component (if applicable):

openldap-2.3.27-4
coreutils-5.97-12.2.fc6
glibc-2.5-3

How reproducible:

Every time. 100%


Steps to Reproduce:
1. Configure the machine to use LDAP authentication.
2. Set the LDAP server to localhost (127.0.0.1).
3. Start/Restart the LDAP-server (/etc/init.d/ldap restart).
4. The process will hang until nss_ldap times out.
  
Actual results:

runuser times out trying to access the LDAP server

Expected results:

The LDAP server should start without trying to ask itself questions befor it is
started.

Additional info:
Comment 1 Jay Fenlason 2007-01-08 10:55:49 EST
Please attach your /etc/ldap.conf to this bug report.  The most common cause 
for delays/hangs like this is misconfiguring nss_ldap, usually by messing up 
or removing the nss_initgroups_ignoreusers line. 
Comment 2 Jan Safranek 2007-05-21 05:00:26 EDT
No information requested was provided, so I close this bug as INSUFFICIENT_DATA.
Reporter, if you could, please, reopen and attach requested config file.

Note You need to log in before you can comment on or make changes to this bug.