On Thu, Aug 31, 2006 at 07:42:03PM -0600, Berg, Michael wrote: > A low entropy pool may be a contributing factor, but something definitely > changed between libnss-ldap 238 and 251.
I guess this is the new reconnection logic introduced in 241. > With libnss-ldap 238-1.2 installed > > $ cat /proc/sys/kernel/random/entropy_avail; \ > getent passwd user_in_ldap; \ > cat /proc/sys/kernel/random/entropy_avail > 3585 > passwd entry here > 129 Are you sure it's not falling back to non-TLS here? Or local files somehow? I can't see a reason why it would fail any better than 251, given that a failure is still a failure and the relevant change is what it does after the fact... /* Steinar */ -- Homepage: http://www.sesse.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]