Red Hat Bugzilla – Bug 585802
Problems installing RPMs with LDAP auth configured
Last modified: 2010-06-30 10:38:52 EDT
Description of problem:
I encountered a hang while installing nagios-nrpe on a LDAP authentication enabled system. The hang was associated with the useradd command.
/usr/sbin/useradd -r -d /var/log/nagios -s /bin/sh -c nagios nagios
Only way to get the above command to work was to remove the "ldap" fields from /etc/nsswitch.conf
I was surprised this was a problem as I have pam_min_uid set at 5000 set in /etc/ldap.conf so with the -r flag it shouldnt have even gone to ldap while adding this account.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. configure auth to an ldap server, w/o admin ability to create account in ldap
2. attempt to install any rpm that creates a service account
3. watch it hang
This delay most likely occurs when useradd attempts to find an unused UID to assign to the new nagios account. Basically, it has to guess by choosing a UID, checking if there's already a user with that ID, and if there is, checking the next higher one, continuing until it finds one that isn't used. It can take a while, but I believe that tweaking the UID_MIN and UID_MAX values in /etc/login.defs to adjust the range which useradd checks will solve this. Marking this works-for-me because I believe it's solvable in the configuration.