Bug #102

ldap/client does not work on 147

Added by Piotr Jasiukajtis over 3 years ago. Updated over 3 years ago.

Status:Closed Start date:2010-08-26
Priority:High Due date:
Assignee:- % Done:

0%

Category:- Spent time: -
Target version:-
Difficulty:Medium Tags:needs-triage

Description

ldap/client service get stuck on 147, it works on 145 though.

It's not an Illumos regression.

Some debug info:
/usr/lib/ldap/ldap_cachemgr -d 6
tail -50f /var/ldap/cachemgr.log

Thu Aug 26 21:21:04.0001 operation is INFO_OP_REFRESH...
Thu Aug 26 21:21:04.0001 getldap_set_serverInfo()...
Thu Aug 26 21:21:04.0007 getldap_get_rootDSE()....
Thu Aug 26 21:21:04.0008 getldap_get_rootDSE()....
Thu Aug 26 21:21:04.0009 getldap_get_rootDSE()....
Thu Aug 26 21:22:04.0088 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:22:04.0089 sync_current_with_update_copy()...
Thu Aug 26 21:22:04.0096 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:22:04.0096 sync_current_with_update_copy()...
Thu Aug 26 21:22:04.0099 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:22:04.0099 sync_current_with_update_copy()...
Thu Aug 26 21:22:04.0102 getldap_set_refresh_ttl()...
Thu Aug 26 21:22:04.0102 getldap_set_refresh_ttl:(1) refresh ttl is 40 seconds
Thu Aug 26 21:22:04.0102 getldap_set_refresh_ttl:(5) refresh ttl is 40 seconds
Thu Aug 26 21:22:04.0102 getldap_set_refresh_ttl:(7) refresh ttl is 40 seconds
Thu Aug 26 21:22:04.0102 getldap_serverInfo_op(INFO_OP_REFRESH): seconds refresh: 0 second(s)....
Thu Aug 26 21:22:04.0103 getldap_serverInfo_op()...
Thu Aug 26 21:22:04.0103 operation is INFO_OP_REFRESH_WAIT...
Thu Aug 26 21:22:04.0103 getldap_serverInfo_op(INFO_OP_REFRESH_WAIT): entering no-server refresh loop...
Thu Aug 26 21:22:04.0103 getldap_serverInfo_op(INFO_OP_REFRESH_WAIT): about to sleep for 1 second(s)...
Thu Aug 26 21:22:05.0002 getldap_serverInfo_op()...
Thu Aug 26 21:22:05.0002 operation is INFO_OP_REFRESH...
Thu Aug 26 21:22:05.0002 getldap_set_serverInfo()...
Thu Aug 26 21:22:05.0004 getldap_get_rootDSE()....
Thu Aug 26 21:22:05.0004 getldap_get_rootDSE()....
Thu Aug 26 21:22:05.0005 getldap_get_rootDSE()....
Thu Aug 26 21:23:05.0076 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:23:05.0076 sync_current_with_update_copy()...
Thu Aug 26 21:23:05.0086 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:23:05.0086 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:23:05.0087 sync_current_with_update_copy()...
Thu Aug 26 21:23:05.0086 sync_current_with_update_copy()...
Thu Aug 26 21:23:05.0090 getldap_set_refresh_ttl()...
Thu Aug 26 21:23:05.0090 getldap_set_refresh_ttl:(1) refresh ttl is 40 seconds
Thu Aug 26 21:23:05.0090 getldap_set_refresh_ttl:(5) refresh ttl is 40 seconds
Thu Aug 26 21:23:05.0090 getldap_set_refresh_ttl:(7) refresh ttl is 40 seconds
Thu Aug 26 21:23:05.0090 getldap_serverInfo_op(INFO_OP_REFRESH): seconds refresh: 0 second(s)....
Thu Aug 26 21:23:05.0091 getldap_serverInfo_op()...
Thu Aug 26 21:23:05.0091 operation is INFO_OP_REFRESH_WAIT...
Thu Aug 26 21:23:05.0091 getldap_serverInfo_op(INFO_OP_REFRESH_WAIT): entering no-server refresh loop...
Thu Aug 26 21:23:05.0091 getldap_serverInfo_op(INFO_OP_REFRESH_WAIT): about to sleep for 1 second(s)...
Thu Aug 26 21:23:06.0002 getldap_serverInfo_op()...
Thu Aug 26 21:23:06.0002 operation is INFO_OP_REFRESH...
Thu Aug 26 21:23:06.0002 getldap_set_serverInfo()...
Thu Aug 26 21:23:06.0004 getldap_get_rootDSE()....
Thu Aug 26 21:23:06.0005 getldap_get_rootDSE()....
Thu Aug 26 21:23:06.0005 getldap_get_rootDSE()....
Thu Aug 26 21:24:06.0076 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:24:06.0076 sync_current_with_update_copy()...
Thu Aug 26 21:24:06.0092 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:24:06.0092 sync_current_with_update_copy()...
Thu Aug 26 21:24:06.0092 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:24:06.0093 sync_current_with_update_copy()...
Thu Aug 26 21:24:06.0095 getldap_set_refresh_ttl()...
Thu Aug 26 21:24:06.0096 getldap_set_refresh_ttl:(1) refresh ttl is 40 seconds
Thu Aug 26 21:24:06.0096 getldap_set_refresh_ttl:(5) refresh ttl is 40 seconds
Thu Aug 26 21:24:06.0096 getldap_set_refresh_ttl:(7) refresh ttl is 40 seconds
Thu Aug 26 21:24:06.0096 getldap_serverInfo_op(INFO_OP_REFRESH): seconds refresh: 0 second(s)....
Thu Aug 26 21:24:06.0096 getldap_serverInfo_op()...
Thu Aug 26 21:24:06.0097 operation is INFO_OP_REFRESH_WAIT...
Thu Aug 26 21:24:06.0097 getldap_serverInfo_op(INFO_OP_REFRESH_WAIT): entering no-server refresh loop...
Thu Aug 26 21:24:06.0097 getldap_serverInfo_op(INFO_OP_REFRESH_WAIT): about to sleep for 1 second(s)...
Thu Aug 26 21:24:07.0002 getldap_serverInfo_op()...
Thu Aug 26 21:24:07.0002 operation is INFO_OP_REFRESH...
Thu Aug 26 21:24:07.0002 getldap_set_serverInfo()...
Thu Aug 26 21:24:07.0004 getldap_get_rootDSE()....
Thu Aug 26 21:24:07.0004 getldap_get_rootDSE()....
Thu Aug 26 21:24:07.0005 getldap_get_rootDSE()....
Thu Aug 26 21:25:07.0075 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:25:07.0076 sync_current_with_update_copy()...
Thu Aug 26 21:25:07.0076 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:25:07.0076 sync_current_with_update_copy()...
Thu Aug 26 21:25:07.0080 getldap_get_rootDSE: Can't connect to the LDAP server.
Thu Aug 26 21:25:07.0080 sync_current_with_update_copy()...
Thu Aug 26 21:25:07.0082 getldap_set_refresh_ttl()...
Thu Aug 26 21:25:07.0083 getldap_set_refresh_ttl:(1) refresh ttl is 40 seconds
Thu Aug 26 21:25:07.0083 getldap_set_refresh_ttl:(5) refresh ttl is 40 seconds
Thu Aug 26 21:25:07.0083 getldap_set_refresh_ttl:(7) refresh ttl is 40 seconds
Thu Aug 26 21:25:07.0083 getldap_serverInfo_op(INFO_OP_REFRESH): seconds refresh: 0 second(s)....
Thu Aug 26 21:25:07.0083 getldap_serverInfo_op()...
Thu Aug 26 21:25:07.0083 operation is INFO_OP_REFRESH_WAIT...
Thu Aug 26 21:25:07.0084 getldap_serverInfo_op(INFO_OP_REFRESH_WAIT): entering no-server refresh loop...
Thu Aug 26 21:25:07.0084 getldap_serverInfo_op(INFO_OP_REFRESH_WAIT): about to sleep for 1 second(s)...
Thu Aug 26 21:25:08.0002 getldap_serverInfo_op()...
Thu Aug 26 21:25:08.0002 operation is INFO_OP_REFRESH...
Thu Aug 26 21:25:08.0002 getldap_set_serverInfo()...
Thu Aug 26 21:25:08.0003 getldap_get_rootDSE()....
Thu Aug 26 21:25:08.0004 getldap_get_rootDSE()....
Thu Aug 26 21:25:08.0005 getldap_get_rootDSE()....
^C

History

Updated by Garrett D'Amore over 3 years ago

  • Priority changed from Normal to High

This will break lots of people. Raising priority. Hopefully Gordon can take a look.

Updated by Piotr Jasiukajtis over 3 years ago

  • Status changed from New to Closed

I'm closing this BUG because I'm not able to replicate the issue.
It was tested on:
- b145 non-debug
- b147 non-debug
- OpenIndiana b147
- Illumos b147 (debug build)

All of the above builds work fine.

Updated by Jonathan Adams over 3 years ago

The issue is with the upgrade to b147 if you're using nwam, the LDAP client itself works fine on network/physical:default

nwam support for LDAP client doesn't work properly, ldap/client is always disabled on reboot, or after a new network connection, and cannot be configured in the nwam client interface.

I can get LDAP to work (after network connection is established) by :
1) copying nsswitch.ldap to nsswitch.conf
2) with existing ldap configuration, "svcadm enable ldap/client"
3) svcadm restart autofs (and any other services, relying on ldap)

I have a custom nsswitch.conf (I use DNS and LDAP, with LDAP server running on the local machine) called 'nsswitch.jon' in /etc, and I've configured the "Location" in the Network preferences to use this as the default nsswitch.conf ... and wouldn't you know it, it's just accepted the change to add "LDAP" in the "Locations" area as well ... it always came up with an error before.

will reboot in a short while to see if it takes effect.

Updated by Jonathan Adams over 3 years ago

LDAP does work with nwam, albeit in an odd sort of way.

The "customer nsswitch file" I specified in the Location settings seemed to randomly change to a completely different file after closing the Network Preferences dialog (/etc/hosts, /etc/logindevperm, /etc/driver_aliases, etc)

Also; I cannot set LDAP in the "NoNet" Location (it comes up with "Validation of NoNet failed with the property ldap-nameservice-configsrc") ...

However, I have got my system to the point that It is working, at least whilst it remembers to keep the correct nsswitch.conf

I'd still like it if it was possible to run openvpn (and update resolv.conf), but that is another story.

Updated by Piotr Jasiukajtis over 3 years ago

In my case I used only svc:/network/physical:default unless somehow 'pkg image-update' enabled nwam service.
What I did was simple image-update from build 145 to 147.
I have the same LDAP client configuration as before.

Also available in: Atom PDF