> On 31-Oct-03 at 17:32, Buchan Milne ([EMAIL PROTECTED]) wrote: > >> But, I don't see the problem: >> >> >> [EMAIL PROTECTED] bgmilne]$ grep ^passwd /etc/nsswitch.conf >> passwd: files ldap >> [EMAIL PROTECTED] bgmilne]$ wc -l /etc/passwd >> 38 /etc/passwd > > Same for me here, so far. > >> [EMAIL PROTECTED] bgmilne]$ getent passwd|wc -l >> 187 > > Here I get the same symptom as before. > # getent passwd|wc -l > getent: relocation error: /lib/libnss_ldap.so.2: undefined symbol: > dbopen > 0 > > # getent passwd root > root:x:0:0:root:/root:/bin/bash > # getent passwd etutest1 > getent: relocation error: /lib/libnss_ldap.so.2: undefined symbol: > dbopen > > May be you have a ldap.conf file that does not trigger the call > to dbopen? > - could you send me the relevant part of your ldap.conf? > Here is mine: > > # egrep -v '^#|^$' /etc/ldap.conf > host myhost.unige.ch > base ou=people,dc=unige,dc=ch > ldap_version 3 > scope sub > pam_filter objectclass=posixAccount > pam_login_attribute unigeChStudentUid > pam_member_attribute gid > pam_password clear > nss_base_passwd ou=People,dc=unige,dc=ch?sub > nss_base_shadow ou=People,dc=unige,dc=ch?sub > ssl on > sslpath /etc/ssl/certs/cert7.db
Maybe it is this ^^^ ? (I don't see the point in wanting to verify the SSL cert against the commercial CAs when I use my own CA cery anyway, which is available and configured) > nss_map_attribute uid unigeChStudentUid > pam_template_login_attribute unigeChStudentUid > > That configuration did work with Mandrake 9.0. Here is mine, we have production machines running with configs like this, Mandrake 9.0 through 9.2: [EMAIL PROTECTED] bgmilne]$ egrep -v '^#|^$' /etc/ldap.conf host bgmilne.cae.co.za base dc=cae,dc=co,dc=za ldap_version 3 scope one pam_filter objectclass=posixaccount pam_login_attribute uid pam_password md5 nss_base_passwd ou=People,dc=cae,dc=co,dc=za nss_base_shadow ou=People,dc=cae,dc=co,dc=za nss_base_group ou=Group,dc=cae,dc=co,dc=za ssl start_tls tls_cacertfile /etc/ssl/ca.crt tls_checkpeer yes TLS_CACERT /etc/ssl/ca.crt > > Or maybe dbopen is provided by another library loaded at runtime > not in the dependancies shown by ldd. > It would be strange though: You would expect all > symbols of a dynamic libraries to be resolved within > the dependancies. > > [ Florin: is it OK that dbopen is not defined in the dynamic libraries? > ] > > - Any suggestion on where to look now to figure this out? Maybe try without the certdb, since this seems to be about the only thing that has anything to do with libdb (besides libsasl)? Regards, Buchan
