On 10/11/11 10:59, Jiri Kanicky wrote:
On 10/11/11 06:46, Arthur de Jong wrote:
On Wed, 2011-11-09 at 10:47 +1100, Jiri Kanicky wrote:
I also noticed that if I am off-line, I am not able to fully login
to my
window manager (xfce4, kde4). The login part seems to finish
successfully and I receive a message that I am using cached
credentials,
however the screen stays black after that. nslcd logs problems to find
the LDAP again. If I stop the nslcd service, before the login, the
windows manager comes up no problem.
This is probably related to the earlier problem but output from nslcd -d
during such a login would help.
Could you also include /etc/nsswitch.conf and information about your PAM
stack?
Thanks,
Hi.
I also have got problem to unlock my screen. The following messages
are logged. It takes long time to unlock in (KDE) and I have to press
the unlock button several times.
Nov 10 10:52:41 knightrider nslcd[2103]: [4a481a] <authc="ganomil">
failed to bind to LDAP server ldap://maverick.allsupp.corp: Can't
contact LDAP server: Connection timed out
Nov 10 10:52:41 knightrider nslcd[2103]: [4a481a] <authc="ganomil"> no
available LDAP server found: Can't contact LDAP server
Nov 10 10:52:41 knightrider nslcd[2103]: [4a481a] <authc="ganomil">
"ganomil": user not found: Can't contact LDAP server
Nov 10 10:52:41 knightrider ccreds_chkpwd: Libgcrypt warning: missing
initialization - please fix the application
Nov 10 10:52:46 knightrider nslcd[2103]: [9478fe] <authc="ganomil"> no
available LDAP server found: Server is unavailable
Nov 10 10:52:46 knightrider nslcd[2103]: [9478fe] <authc="ganomil">
"ganomil": user not found: Server is unavailable
Nov 10 10:52:46 knightrider ccreds_chkpwd: Libgcrypt warning: missing
initialization - please fix the application
# cat /etc/nsswitch.conf
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files dns ldap
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
# cat /etc/nscd.conf
#
# /etc/nscd.conf
#
# An example Name Service Cache config file. This file is needed by
nscd.
#
# Legal entries are:
#
# logfile <file>
# debug-level <level>
# threads <initial #threads to use>
# max-threads <maximum #threads to use>
# server-user <user to run server as instead of root>
# server-user is ignored if nscd is started with -S
parameters
# stat-user <user who is allowed to request statistics>
# reload-count unlimited|<number>
# paranoia <yes|no>
# restart-interval <time in seconds>
#
# enable-cache <service> <yes|no>
# positive-time-to-live <service> <time in seconds>
# negative-time-to-live <service> <time in seconds>
# suggested-size <service> <prime number>
# check-files <service> <yes|no>
# persistent <service> <yes|no>
# shared <service> <yes|no>
# max-db-size <service> <number bytes>
# auto-propagate <service> <yes|no>
#
# Currently supported cache names (services): passwd, group, hosts,
services
#
# logfile /var/log/nscd.log
# threads 4
# max-threads 32
# server-user nobody
# stat-user somebody
debug-level 0
reload-count unlimited
paranoia no
# restart-interval 3600
enable-cache passwd yes
positive-time-to-live passwd 2592000
negative-time-to-live passwd 20
suggested-size passwd 211
check-files passwd yes
persistent passwd yes
shared passwd yes
max-db-size passwd 33554432
auto-propagate passwd yes
enable-cache group yes
positive-time-to-live group 2592000
negative-time-to-live group 60
suggested-size group 211
check-files group yes
persistent group yes
shared group yes
max-db-size group 33554432
auto-propagate group yes
# hosts caching is broken with gethostby* calls, hence is now disabled
# per default. See /usr/share/doc/nscd/NEWS.Debian.
enable-cache hosts no
positive-time-to-live hosts 2592000
negative-time-to-live hosts 20
suggested-size hosts 211
check-files hosts yes
persistent hosts yes
shared hosts yes
max-db-size hosts 33554432
enable-cache services yes
positive-time-to-live services 2592000
negative-time-to-live services 20
suggested-size services 211
check-files services yes
persistent services yes
shared services yes
max-db-size services 33554432
Hi,
Another good repro of the problem is that I login using cached
credentials, open Konsole (in KDE) and type "su". There is waiting
period of aprox. 5 seconds, then error. (does not even offer to type the
password)
ldapuser@knightrider:~$ su
su: Cannot determine your user name.
ov 18 15:51:12 knightrider nslcd[2095]: [c240fb] <passwd=-1> failed to
bind to LDAP server ldap://maverick.allsupp.corp: Can't contact LDAP
server: Connection timed out
Nov 18 15:51:12 knightrider nslcd[2095]: [c240fb] <passwd=-1> no
available LDAP server found: Can't contact LDAP server
Nov 18 15:51:12 knightrider nslcd[2095]: [a026fa] <passwd="ganomil"> no
available LDAP server found: Server is unavailable
Nov 18 15:51:12 knightrider nslcd[2095]: [a1deaa] <passwd=10001> no
available LDAP server found: Server is unavailable
Doing it again proceeds correctly, but when I open new Konsole, the
process is repeated.
If I stop nslcd, then there is no problem.
Regards,
Jiri
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
