Brian May <[EMAIL PROTECTED]> writes: > Hmmm.
> Let me hazard a guess: > slapd uses libldap 2.3 which uses openssl > libnss-ldap uses libldap 2.1 which uses GNU TLS libraries > Either the ldap libaries conflict or the TLS libraries conflict (or > all of the above). > Unless any of the above uses versioned symbols... The LDAP libraries do not use versioned symbols. So yes. Nasty things happen. > Still I am puzzled, why would running it as root help? Because the only (?) time that slapd calls getpwnam (and hence loads nss-ldap and creates the library conflict) is if you tell it to run as a different user. Otherwise, it appears to be much more stable. > Another theory I have had is that something is broken in GNU TLS. The latest GnuTLS should be good; the OpenLDAP folks tested it in conjunction with 2.4 when doing the development work. > Is it possible to rebuild the Debian package of openldap 2.1 against > openssl instead or is this likely to be complicated? It's not for licensing reasons, or we would just use the 2.3 version of OpenLDAP and build the whole thing against OpenSSL. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
