On 29/03/2017 08:52, Arthur de Jong wrote: > The first process is the daemon that is started and the second process > is after it has daemonized itself (run itself in the background, the > process id changes). It is only running once. > > The symbols of the NSS module are checked before the process daemonizes > itself. The symbols are used to instruct the NSS module to not perform > any lookups via nslcd if it is loaded inside nslcd otherwise it would > be possible to have a deadlock situation. > > The warnings are there because the installed NSS module does not > contain the expected symbols. This is probably because libnss-ldap is > installed instead of libnss-ldapd.
Thanks for the detailed explanation! > This means there is probably no bug in nslcd and it should be running. > If LDAP lookups are not working you probably have libnss-ldap installed > (which does not use nslcd) instead of libnss-ldapd. This system had libnss-ldap installed, indeed. I purged this package, installed libnss-ldapd instead, but I still get the warnings: # journalctl |grep nslcd Apr 03 16:43:51 file-info2 nslcd[496]: Starting LDAP connection daemon: nslcdnslcd: Warning: NSS_LDAP version missing: /lib/x86_64-linux-gnu/libnss_ldap.so.2: undefined symbol: _nss_ldap_version Apr 03 16:43:51 file-info2 nslcd[496]: nslcd: Warning: /lib/x86_64-linux-gnu/libnss_ldap.so.2: undefined symbol: _nss_ldap_enablelookups (probably older NSS module loaded) Apr 03 16:43:51 file-info2 nslcd[515]: version 0.9.7 starting Apr 03 16:43:51 file-info2 nslcd[515]: accepting connections Apr 03 16:43:51 file-info2 nslcd[496]: . BTW I had LDAP working with libnss-ldap but now with libnss-ldapd it does not work any longer (but this is for another bug report...) > If you think there is a bug, feel free to re-open this bug report or > create a new one. I still see one problem: if LDAP is not working an admin will look at the logs and be distracted by those error messages that are a red herring. So would it be possible to hide those ugly warnings? -- Laurent.
