From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ja; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11 Description of problem: After running nscd with nss_ldap for a while (< 1 day), the entire system becomes unusable: even bash or su fails to start, saying "broken pipe". Version-Release number of selected component (if applicable): nss_ldap-226-20 How reproducible: Sometimes Steps to Reproduce: 1. Set up nss_ldap and nscd. 2. Wait for a while (< 24 hours). Something like for i in `seq 1 1000` ; do id notme$i 2>/dev/null ; done lsof | grep ^nscd may also help to illustrate part of the problem. Actual Results: Every program (including su, bash, ssh, ps, ls, etc.) says "broken pipe" and fails to start Expected Results: No "broken pipe" Additional info: My _guess_ is that the problem _may_ be related to: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=401758 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=246057 Although the above reports are for Debian, they seem to apply to RHEL 4.6 as well. In particular, the bash command lines for i in `seq 1 1000` ; do id notme$i 2>/dev/null ; done lsos | grep ^nscd often (though not always) seem to illustrate part of the problem.
I have systems exhibiting the same behavior and I can confirm that downgrading nss_ldap to nss_ldap-226-18 does fix this issue.
I also downgraded from nss_ldap-226-20 to nss_ldap-226-18, and my systems are running well (with nscd) for more than a week. Thanks! FYI, the problem _might_ have been related to nss_initgroups_ignoreusers in /etc/ldap.conf - see Bug 431301.
Thank you for submitting this issue for consideration in Red Hat Enterprise Linux. The release for which you requested us to review is now End of Life. Please See https://access.redhat.com/support/policy/updates/errata/ If you would like Red Hat to re-consider your feature request for an active release, please re-open the request via appropriate support channels and provide additional supporting details about the importance of this issue.