Package: krb5-kdc
Version: 1.6.dfsg.4~beta1-5lenny1
The problem occurs when using the above package together with:
krb5-kdc-ldap 1.6.dfsg.4~beta1-5lenny2
slapd 2.4.11-1
If the Kerberos KDC is configured to run krb524d and use LDAP as its
back-end database, everything will work fine, but after some time the
number of open files associated with slapd will begin to grow. E.g.
when ldapi:/// is used:
~# lsof |grep slapd |tail -n 5
slapd 1741 openldap 184u unix 0xceb6e200 7172 /var/run/slapd/ldapi
slapd 1741 openldap 185u unix 0xce8cac80 7174 /var/run/slapd/ldapi
slapd 1741 openldap 186u unix 0xce8ca900 7176 /var/run/slapd/ldapi
slapd 1741 openldap 187u unix 0xce8ca580 7178 /var/run/slapd/ldapi
slapd 1741 openldap 188u unix 0xce8ca200 7180 /var/run/slapd/ldapi
~# _
Eventually, the maximum number of open files per process (default
1024) will be reached, after which, e.g., it will no longer be
possible to add new users to the Kerberos database.
A workaround is simply to restart the krb525d process periodically,
causing the vast majority of open files associated with slapd to
disappear and the cycle to repeat itself. Whether Kerberos is
configured to use ldap:/// or ldapi:/// for its back-end communication
with slapd is irrelevant.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20100214032822.47vo8mf74mww0...@www.umrk.nl
