Package: libnss-ldapd Version: 0.6.1 Severity: important I discovered this problem when testing libnss-ldapd with the Lenny based Debian Edu installation (using nss-ldapd version 0.6). I confirmed the problem using the svn version of nss-ldapd. In the default installation of Debian Edu, the toplevel netgroup all-hosts do not seem to contain the 'tjener' host, yet the subgroup server-hosts contain it.
This is the relevant LDIF used to populate the OpenLDAP directory: dn: cn=printer-hosts,ou=Netgroup,dc=skole,dc=skolelinux,dc=no objectClass: top objectClass: nisNetgroup cn: printer-hosts dn: cn=workstation-hosts,ou=Netgroup,dc=skole,dc=skolelinux,dc=no objectClass: top objectClass: nisNetgroup cn: workstation-hosts dn: cn=ltsp-server-hosts,ou=Netgroup,dc=skole,dc=skolelinux,dc=no objectClass: top objectClass: nisNetgroup cn: ltsp-server-hosts dn: cn=server-hosts,ou=Netgroup,dc=skole,dc=skolelinux,dc=no objectClass: top objectClass: nisNetgroup cn: server-hosts nisNetgroupTriple: (tjener,-,-) dn: cn=all-hosts,ou=Netgroup,dc=skole,dc=skolelinux,dc=no objectClass: top objectClass: nisNetgroup cn: all-hosts memberNisNetgroup: ltsp-server-hosts memberNisNetgroup: printer-hosts memberNisNetgroup: server-hosts memberNisNetgroup: workstation-hosts Here is a test run using the current svn version (revision 711) demonstrating the problem. Notice how the output from 'netgroup all-hosts' is empty, while 'netgroup server-hosts' is not. Also, notice how nslcd only seem to be looking up one of the subgroups of all-hosts, the workstation-hosts. tjener:~# nslcd -d & [1] 7015 tjener:~# nslcd: DEBUG: add_uri(ldap://ldap/) nslcd: version 0.6.1 starting nslcd: DEBUG: unlink() of /var/run/nslcd/socket failed (ignored): No such file or directory nslcd: DEBUG: setgroups(0,NULL) done nslcd: accepting connections tjener:~# netgroup all-hosts nslcd: DEBUG: connection from pid=7022 uid=0 gid=0 nslcd: DEBUG: nslcd_netgroup_byname(all-hosts) nslcd: DEBUG: myldap_search(base="dc=skole,dc=skolelinux,dc=no", filter="(&(objectClass=nisNetgroup)(cn=all-hosts))") nslcd: DEBUG: simple anonymous bind to ldap://ldap/ nslcd: connected to LDAP server ldap://ldap/ nslcd: DEBUG: connection from pid=7022 uid=0 gid=0 nslcd: DEBUG: nslcd_netgroup_byname(workstation-hosts) nslcd: DEBUG: myldap_search(base="dc=skole,dc=skolelinux,dc=no", filter="(&(objectClass=nisNetgroup)(cn=workstation-hosts))") nslcd: DEBUG: simple anonymous bind to ldap://ldap/ nslcd: connected to LDAP server ldap://ldap/ tjener:~# netgroup server-hosts nslcd: DEBUG: connection from pid=7023 uid=0 gid=0 nslcd: DEBUG: nslcd_netgroup_byname(server-hosts) nslcd: DEBUG: myldap_search(base="dc=skole,dc=skolelinux,dc=no", filter="(&(objectClass=nisNetgroup)(cn=server-hosts))") nslcd: DEBUG: simple anonymous bind to ldap://ldap/ nslcd: connected to LDAP server ldap://ldap/ tjener tjener:~# fg nslcd -d nslcd: caught signal SIGINT (2), shutting down nslcd: version 0.6.1 bailing out tjener:~# Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
