The upshot is that gutsy has done something with the boot order of services (especially udev it seems) which means there isn't a chicken, or an egg, to start the user DB, so the system just waits forever for nss resolution to work.
The solutions mentioned aren't quite right. The various mooted answers are as follows:
- Grep /etc/udev/rules.d/ for instances of GROUP= and ensure that all the groups mentioned are in the local /etc/group.
- Edit nsswitch.conf, putting [UNAVAIL=return] at the end of the ldap references.
There is one (fairly nasty) solution which does seem to work though, as follows:
- Copy /etc/nsswitch.conf to /etc/nsswitch.conf.ldap and /etc/nsswitch.conf.noldap.
- Edit the /etc/nsswitch.conf.noldap file to (you guessed it) not include ldap.
- Add the following at the end of start_slapd() in /etc/init.d/slapd:
cp /etc/nsswitch.conf.ldap /etc/nsswitch.conf - Add the following at the end of stop_slapd() in /etc/init.d/slapd:
cp /etc/nsswitch.conf.noldap /etc/nsswitch.conf - Create the file /etc/network/if-down.d/nsswitch-noldap:
#!/bin/bash
cp /etc/nsswitch.conf.noldap /etc/nsswitch.conf - chmod +x /etc/network/if-down.d/nsswitch-noldap
Blogged with Flock
2 comments:
Instead of that which is fairly kludgy edit /etc/ldap.conf to have the following line:
bind_policy soft
This will allow the box to not hang if it cant get an ldap answer for a name. Alternatively you can set another ldap.conf parameter such as nss_initgroups_ignoreusers to have nssldap not bother looking groups like bin/sys/root/ldap/misclocalusergroup.
:)
Amiable post and this fill someone in on helped me alot in my college assignement. Say thank you you seeking your information.
Post a Comment