Strange nss library behavior with OL 2.4.7


Strange nss library behavior with OL 2.4.7

by Tony Earnshaw-4

Hi list,

Maybe someone knows? Can't really ask or report an ITS on the OL list,
since there's nothing wrong on OL's part.

I just built and installed OL 2.4.7 rpms (Buchan's spec) on FC6. Was
previously running 2.4.6 (but also 2.3.39 is installed, can have both at
once).

I get this:

1063 [root:tru.leerlingen] /root # ldapsearch2.4 -x 'uid=sammy' \
  gidnumber
# extended LDIF
#
# LDAPv3
# base <dc=billy,dc=demon,dc=nl> (default) with scope subtree
# filter: uid=sammy
# requesting: gidnumber
#

# sammy, katter, groups, billy.demon.nl
dn: cn=sammy,cn=katter,ou=groups,dc=billy,dc=demon,dc=nl
gidNumber: 1004

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
1004
Ok, nothing wrong there. (Sammy is only present in ldap, not in passwd).

But:

1064 [root:tru.leerlingen] /root # id sammy
uid=516 gid=1004 groups=4294967295,1004

1066 [root:tru.leerlingen] /root # getent group katter
katter:*:1004:billy,evy,frigg,kvikk,sammy,tonni

1068 [root:tru.leerlingen] /root # id hanne
uid=502 gid=1000 groups=4294967295,1000,5005

1069 [root:tru.leerlingen] /root # getent group people
people:*:1000:damen,goran,hanne,pete,torgeir,chalkie

All ldap users get given the non-existent gidnumber 4294967295. Stopped
ldap2.4, started ldap2.3 and everything is back to normal. But that's
not what I want, so I'm continuing with 2.4.

I can't remember seeing this happening with 2.4.6.

Can anyone guess at the significance of the value "4294967295"?

Best,

--Tonni

--
Tony Earnshaw
Email: tonni at hetnet dot nl

Re: Strange nss library behavior with OL 2.4.7

by Howard Chu

Tony Earnshaw wrote:

> Hi list,
>
> Maybe someone knows? Can't really ask or report an ITS on the OL list,
> since there's nothing wrong on OL's part.
>
> I just built and installed OL 2.4.7 rpms (Buchan's spec) on FC6. Was
> previously running 2.4.6 (but also 2.3.39 is installed, can have both at
> once).
>
> I get this:
>
> 1063 [root:tru.leerlingen] /root # ldapsearch2.4 -x 'uid=sammy' \
>   gidnumber
> # extended LDIF
> #
> # LDAPv3
> # base <dc=billy,dc=demon,dc=nl> (default) with scope subtree
> # filter: uid=sammy
> # requesting: gidnumber
> #
>
> # sammy, katter, groups, billy.demon.nl
> dn: cn=sammy,cn=katter,ou=groups,dc=billy,dc=demon,dc=nl
> gidNumber: 1004
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
> 1004
> Ok, nothing wrong there. (Sammy is only present in ldap, not in passwd).
>
> But:
>
> 1064 [root:tru.leerlingen] /root # id sammy
> uid=516 gid=1004 groups=4294967295,1004
>
> 1066 [root:tru.leerlingen] /root # getent group katter
> katter:*:1004:billy,evy,frigg,kvikk,sammy,tonni
>
> 1068 [root:tru.leerlingen] /root # id hanne
> uid=502 gid=1000 groups=4294967295,1000,5005
>
> 1069 [root:tru.leerlingen] /root # getent group people
> people:*:1000:damen,goran,hanne,pete,torgeir,chalkie
>
> All ldap users get given the non-existent gidnumber 4294967295. Stopped
> ldap2.4, started ldap2.3 and everything is back to normal. But that's
> not what I want, so I'm continuing with 2.4.
>
> I can't remember seeing this happening with 2.4.6.
>
> Can anyone guess at the significance of the value "4294967295"?

That's the 32 bit value "-1" represented as an unsigned integer.

Pretty suspicious. If you can get some debug logs from slapd and libldap and
compare to your 2.3.39 session that might be useful.

--
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/
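
An added example, not part of the original thread: a shell check for the value identified above, (gid_t)-1 on a 32-bit gid_t, in the groups= list of `id` output. The function names are hypothetical; the sample lines are the two `id` results quoted in the thread plus one constructed healthy line.

```shell
#!/bin/sh
# (gid_t)-1 with a 32-bit gid_t. chown(2) and setregid(2) treat -1 as
# "leave unchanged", so it is never a legitimate group membership.
SENTINEL_GID=4294967295

# groups_of LINE: print the numeric gids from the groups= field of one line
# of `id` output, one per line. Accepts "1004" and "1004(katter)" forms and
# ignores a trailing SELinux context= field.
groups_of() {
    printf '%s\n' "$1" |
        sed -n 's/.*groups=//p' |
        sed 's/ context=.*//' |
        tr ',' '\n' |
        sed 's/(.*//'
}

# has_sentinel LINE: exit 0 if any supplementary gid is the sentinel.
has_sentinel() {
    groups_of "$1" | grep -qx "$SENTINEL_GID"
}

# audit_accounts NAME...: run id for each account on a live system and
# print the names whose group list contains the sentinel.
audit_accounts() {
    for user in "$@"; do
        line=$(id "$user" 2>/dev/null) || continue
        if has_sentinel "$line"; then
            printf '%s\n' "$user"
        fi
    done
}

# Sample input: first two lines are from the thread, third is constructed.
for sample in \
    'uid=516 gid=1004 groups=4294967295,1004' \
    'uid=502 gid=1000 groups=4294967295,1000,5005' \
    'uid=516(sammy) gid=1004(katter) groups=1004(katter)'
do
    if has_sentinel "$sample"; then
        printf 'AFFECTED  %s\n' "$sample"
    else
        printf 'ok        %s\n' "$sample"
    fi
done
```

On a live host, `audit_accounts sammy hanne` lists the accounts that still need attention after the directory has been reloaded or reindexed.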

Re: Strange nss library behavior with OL 2.4.7

by Hallvard B Furuseth

Tony Earnshaw writes:
> Maybe someone knows? Can't really ask or report an ITS on the OL
> list, since there's nothing wrong on OL's part.

Well, if you did not slapcat - slapadd the database when moving from
2.4.6 to 2.4.7, you may need to do that - or at least run slapindex,
since integer indexing has changed.  (I don't know why that would give
those results, but then I don't know how nss works either.)

--
Hallvard

Re: Strange nss library behavior with OL 2.4.7

by Tony Earnshaw-4

Hallvard B Furuseth wrote, on 15-12-2007 23:22:

>> Maybe someone knows? Can't really ask or report an ITS on the OL
>> list, since there's nothing wrong on OL's part.
>
> Well, if you did not slapcat - slapadd the database when moving from
> 2.4.6 to 2.4.7, you may need to do that - or at least run slapindex,
> since integer indexing has changed.  (I don't know why that would give
> those results, but then I don't know how nss works either.)

That was it, many thanks Hallvard.

That was what it was :) I did a new slapadd, it wasn't just the indices,
it didn't like the stuff in the 2.4.6 cn=config, either. I had to mv the
old and create a new slapd.d before slapadd worked without croaking. But
now id works normally ...

Best,

--Tonni

--
Tony Earnshaw
Email: tonni at hetnet dot nl

Re: Strange nss library behavior with OL 2.4.7

by Tony Earnshaw-4

Howard Chu wrote, on 15-12-2007 17:26:

[...]

>> Can anyone guess at the significance of the value "4294967295"?
>
> That's the 32 bit value "-1" represented as an unsigned integer.
>
> Pretty suspicious. If you can get some debug logs from slapd and libldap
> and compare to your 2.3.39 session that might be useful.

Hallvard put his finger on it, thanks anyway :)

Best,

--Tonni

--
Tony Earnshaw
Email: tonni at hetnet dot nl