Description of problem: When nscd is not running and ldap is used (possibly among other) as nameservice, running getent -s ldap hosts ... leads to a segmentation fault. The problem occurs on RedHat Enterprise 3 - 5.4 (don't have a newer version here). It only happens with the hosts database. Queries e.g. to passwd or netgroup do work. It does not matter whether a hostname is given or getent is called to list them all. Running without -s ldap is no problem. Running in gdb shows, that the problem seems to be a stack overflow. This function calling loop can be seen again and again: #7923 0x00002b417d1d992c in _nss_ldap_gethostbyname2_r () from /lib64/libnss_ldap.so.2 #7924 0x00002b417d1d998e in _nss_ldap_gethostbyname_r () from /lib64/libnss_ldap.so.2 #7925 0x00000035f5aea164 in gethostbyname_r@@GLIBC_2.2.5 () from /lib64/libc.so.6 #7926 0x00002b417d1f2bd0 in ?? () from /lib64/libnss_ldap.so.2 #7927 0x00002b417d1f2c7e in ?? () from /lib64/libnss_ldap.so.2 #7928 0x00002b417d1f1907 in ?? () from /lib64/libnss_ldap.so.2 #7929 0x00002b417d1dffd6 in ?? () from /lib64/libnss_ldap.so.2 #7930 0x00002b417d1e035a in ?? () from /lib64/libnss_ldap.so.2 #7931 0x00002b417d1d3bcb in ?? () from /lib64/libnss_ldap.so.2 #7932 0x00002b417d1d5fa0 in _nss_ldap_search_s () from /lib64/libnss_ldap.so.2 #7933 0x00002b417d1d6c2b in _nss_ldap_getbyname () from /lib64/libnss_ldap.so.2 now the first call appears again and this loop repeats infinitely until segfault. The segfault occurs in 0x00002b50343a6a69 in ?? () from /lib64/libnss_ldap.so.2 #0 0x00002b50343a6a69 in ?? () from /lib64/libnss_ldap.so.2 #1 0x00002b50343a8fa0 in _nss_ldap_search_s () from /lib64/libnss_ldap.so.2 #2 0x00002b50343a9c2b in _nss_ldap_getbyname () from /lib64/libnss_ldap.so.2 Stack trace starts with #18998 0x00002b83296a3fa0 in _nss_ldap_search_s () from /lib64/libnss_ldap.so.2 #18999 0x00002b83296a4c2b in _nss_ldap_getbyname () from /lib64/libnss_ldap.so.2 #19000 0x00002b83296a792c in _nss_ldap_gethostbyname2_r () from /lib64/libnss_ldap.so.2 #19001 0x00000035f5ae9ec8 in gethostbyname2_r@@GLIBC_2.2.5 () from /lib64/libc.so.6 #19002 0x00000035f5ae9c86 in gethostbyname2 () from /lib64/libc.so.6 #19003 0x0000000000402ae7 in ?? () #19004 0x0000000000402f5e in ?? () #19005 0x00000035f5a1d994 in __libc_start_main () from /lib64/libc.so.6 #19006 0x0000000000402009 in ?? () #19007 0x00007fffc75cdcd8 in ?? () Version-Release number of selected component (if applicable): glibc-2.5-42 glibc-common-2.5-42 nss_ldap-253-21.el5 How reproducible: This way: Steps to Reproduce: 1. configure ldap properly (cannot be explained here in detail) 2. /etc/init.d/nscd stop 3. getent -s ldap hosts Actual results: segfault Expected results: list of hosts is printed Additional info:
Narrowed down the problem, so openldap-2.3.43-3.el5 is involved, too. do_init_session in ldap-nss.c from nss_ldap calls ldap_initialize, who can be found in libraries/libldap/open.c of openldap . ldap_initialize calls ldap_create in the same file, who calls ldap_int_initialize in libraries/libldap/init.c , who calls ldap_pvt_get_fqdn with the variable name as argument, who has been set to ldap_int_hostname, what is NULL at that time. When name is NULL, ldap_pvt_get_fqdn calls gethostname, what returns the name of the host itself i.e. the ldap client. Now it calls ldap_pvt_gethostbyname_a in the same file, who in turn calls gethostbyname_r and the loop is complete, because in getent.c the lookup has been setup to only use ldap, so the local /etc/hosts is not read. I guess, ldap_initialize is determining the name of the host itself for later possibly initializing SSL using a client side certificate, but i don't know, what the use of this is in this place. Anyway at that time somehow the lookup should not use any other nameservice than the local files for the host itself etc (s.a.). When this has been fixed, the next problem might arise, when the ldap servers in /etc/ldap.conf are given by name for being looked up in /etc/hosts. As far as i remember, this is not an issue (any more) and can be found out easily by putting the IP-adress of one or more servers into /etc/ldap.conf . HTH.
*** This bug has been marked as a duplicate of bug 448883 ***