Package: nslcd
Version: 0.9.4-3
Severity: important
After installing some unrelated program using apt-get, it was discovered that
nslcd needs a restart und I was promted to restart it (among other services).
A while after, all LDAP users failed to login or get their mail delivered. It
was then discovered that nslcd was not running anymore.
Starting it (again) resolved the issue.
This also happend a while ago in the same way, so I guess it is due to the
restart happening, altough I cannot reproduce when manually restarting the
service.
The logs when the error occured read:
Feb 15 12:12:01 gate nslcd[26487]: caught signal SIGTERM (15), shutting down
Feb 15 12:12:01 gate nslcd[21177]: Stopping LDAP connection daemon: nslcd.
Feb 15 12:12:01 gate nslcd[21302]: version 0.9.4 starting
Feb 15 12:12:04 gate nslcd[26487]: thread 2 is still running, shutting down
anyway
Feb 15 12:12:04 gate nslcd[26487]: version 0.9.4 bailing out
Feb 15 12:12:06 gate nslcd[21302]: accepting connections
Feb 15 12:12:06 gate nslcd[21231]: Starting LDAP connection daemon: nslcd.
and nothing until when try to recover some hours later:
Feb 15 16:56:23 gate nslcd[20861]: Stopping LDAP connection daemon: nslcdNo
nslcd found running; none killed.
Feb 15 16:56:23 gate nslcd[20861]: .
Feb 15 16:56:23 gate nslcd[20878]: version 0.9.4 starting
Feb 15 16:56:23 gate nslcd[20878]: accepting connections
Feb 15 16:56:23 gate nslcd[20870]: Starting LDAP connection daemon: nslcd.
Feb 15 16:56:33 gate nslcd[20878]: [8b4567] <passwd="someusername"> (re)loading
/etc/nsswitch.conf
Feb 15 16:58:13 gate nslcd[20878]: [0bd78f] <passwd="*"> request denied by
validnames option
Other procs start to complain immediately:
/var/log/auth.log:Feb 15 12:13:16 gate su[10107]: pam_ldap(su:session): error
opening connection to nslcd: Datei oder Verzeichnis nicht gefunden
/var/log/auth.log:Feb 15 12:14:18 gate sshd[16245]: pam_ldap(sshd:session):
error opening connection to nslcd: No such file or directory
/var/log/auth.log:Feb 15 12:14:21 gate auth: pam_ldap(dovecot:auth): error
opening connection to nslcd: No such file or directory
And recovered once nslcd was restartet.
When manually restarting:
Feb 16 10:02:25 gate nslcd[20878]: caught signal SIGTERM (15), shutting down
Feb 16 10:02:25 gate nslcd[16661]: Stopping LDAP connection daemon: nslcd.
Feb 16 10:02:25 gate nslcd[20878]: version 0.9.4 bailing out
Feb 16 10:02:25 gate nslcd[16678]: version 0.9.4 starting
Feb 16 10:02:25 gate nslcd[16678]: accepting connections
Feb 16 10:02:25 gate nslcd[16670]: Starting LDAP connection daemon: nslcd.
Feb 16 10:03:55 gate nslcd[16678]: [1b58ba] <passwd="*"> request denied by
validnames option
-- System Information:
Debian Release: 8.3
APT prefers stable
APT policy: (700, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages nslcd depends on:
ii adduser 3.113+nmu3
ii debconf [debconf-2.0] 1.5.56
ii libc6 2.19-18+deb8u2
ii libgssapi-krb5-2 1.12.1+dfsg-19+deb8u2
ii libldap-2.4-2 2.4.40+dfsg-1+deb8u2
Versions of packages nslcd recommends:
ii bind9-host [host] 1:9.9.5.dfsg-9+deb8u5
ii ldap-utils 2.4.40+dfsg-1+deb8u2
ii libnss-ldapd [libnss-ldap] 0.9.4-3
ii libpam-ldapd [libpam-ldap] 0.9.4-3
ii nscd 2.19-18+deb8u2
ii nslcd-utils 0.9.4-3
Versions of packages nslcd suggests:
pn kstart <none>
-- debconf information:
nslcd/restart-failed:
nslcd/ldap-sasl-mech:
nslcd/xdm-needs-restart:
* nslcd/ldap-base: <my private dc>
nslcd/ldap-reqcert:
nslcd/ldap-cacertfile: /etc/ssl/certs/ca-certificates.crt
nslcd/ldap-sasl-realm:
nslcd/ldap-sasl-krb5-ccname: /var/run/nslcd/nslcd.tkt
nslcd/disable-screensaver:
nslcd/ldap-sasl-secprops:
* nslcd/ldap-uris: ldap://127.0.0.1/
nslcd/restart-services:
* libraries/restart-without-asking: true
nslcd/ldap-sasl-authcid:
nslcd/ldap-auth-type: simple
nslcd/ldap-starttls: false
nslcd/ldap-binddn: uid=proxyuser,<my private dc>
nslcd/ldap-sasl-authzid:
