Hide Forgot
Description of problem: Version-Release number of selected component (if applicable): nss-pam-ldapd-0.7.5-14.el6.x86_64 How reproducible: always Steps to Reproduce: 1. install nss-pam-ldapd 2. examine /etc/init.d/nslcd for a reference to including /etc/sysconfig/nslcd 3. Actual results: There is no references to include /etc/sysconfig/nslcd in the /etc/init.d/nslcd init script. Expected results: ALL init scritps should check for /etc/sysconfig/SCRIPT_NAME for additional options. Additional info: libnss3 by default does not pay attention to wildcard SSL certificates. In order to validate wildcard SSL certs with libnss3 you must be able to set the enviornment variable NSS_USE_SHEXP_IN_CERT_NAME. The appropriate place to set that variable with respec to nslcd would be in /etc/sysconfig/nslcd. However that file doesn't exist, and even if it did it wouldn't be included by the /etc/init.d/nslcd init script. The following line should be just after the ". /etc/init.d/functions" line: [ -r /etc/sysconfig/nslcd ] && . /etc/sysconfig/nslcd
Setting environment variables in the init script will not do much good because nslcd clears the environment on start-up. This is intentional because the OpenLDAP library reacts differently depending on which environment variables are set.
Shawn, with what Arthur said in comment #2, have you had a chance to test if sourcing the environment variable fixes the problem for you?
The required information has not been provided in over a month. Closing as insufficient data.