Subject: | |
From: | |
Reply To: | |
Date: | Fri, 23 Jan 2009 14:19:52 +0000 |
Content-Type: | TEXT/PLAIN |
Parts/Attachments: |
|
|
On Fri, 23 Jan 2009, Olf Epler wrote:
> Hello Jon,
>
> if I start my ldap server in debug mode I can see
> that it answers on port 389 and also - the other case -
> on port 636.
> There is nothing wrong in the debug output from the server.
> On the other hand I found that a downgrade to nss_ldap-253-5
> should solve the problem. This is also not true or only a
> part of the game.
> In the case I try to login on console (ldaps configured)
> I get as root:
> pam_unix(login:session): session opened for user root
> ROOT LOGIN ON tty1
> pam_unix(login:session): session closed for user root
>
> and for other users:
> pam_console(login:session): handler '/sbin/pam_console_apply'
> caught a signal 13
>
> This is already posted in many sites.
>
> So I believe this is not a configuration problem, this is a
> bug in the nss/pam version that is used in SL-5.2.
Certainly almost all the problems which were reported look like they were
caused/triggered by the newer nss_ldap update, so you might want to check
the list archives in case any of the earlier messages show up config
changes that might help fix the problem. At least a couple of people
reported configs which (with lapds/starttls) worked for them with the
newer nss_ldap version.
The other errors sound a _bit_ like the problems with uid/gid lookups for
processes (like udev/hald) which are started before lapd is available (and
needed something adding to an exclusion list). Again there were several
earlier messages mentioning things to check/add.
> My next step is a full nss/pam downgrade to the SL-5.1 versions.
>
> Regards, Olf
-- Jon
|
|
|