On Wed, Dec 15, 2004 at 10:21:29PM +0100, Ralf Gesel|ensetter wrote: > Hi Finn-Arne, > > Am Mittwoch, 15. Dezember 2004 21:21 schrieb Finn-Arne Johansen: > > ... > [Snippet from my own posting] > > >> This issue seems to be connected to "Delay in LDAP lookups." > >> http://www.openldap.org/lists/openldap-software/200307/msg00398.html > > > > Just curious - would it help to not use automounting from ldap ? > > and not use netgroups, but hardcode the IP-adresses that are allowed > > to mount over NFS? This will give the ldap server a lot less stress. > > Sounds like slapd is mostly occupied with looking up negroups? > If you send some details on how to "hardcode" this, we could try. Also, > we need to test if it might be a kernel issue - as the tjener running > with a different version doesn't crash. Could everybody else, please, > check?
How to disable automounting on the thinclient servers: replace AUTOFS_ENABLED=true with AUTOFS_ENABLED=false in /etc/default/autofs and in /etc/fstab, add an entry for home0 and others: tjener:/skole/tjener/home0 /skole/tjener/home0 nfs defaults 0 0 and create /skole/tjener/home0. But remember to remove /skole/tjener if you later decide to enable autofs again. how to hardcode which servers are allowed to mount NFS from tjener: in /etc/exports replace @ltsp-servers(rw) with 10.0.2.10(rw) I guess you may remove mount permissions from workstations and servers as well > > But we really need to find out why nscd segfaults. > > Ack. The stated links says something like malconfigured reverse DNS ...? what says host 10.0.2.10 (if this is one of the servers you have problems with) and what says hostname ? > > Could it be that there is an error in the config-file for nscd ? > > Let me post our version: > > # /etc/nscd.conf > # (omitting commented sample lines) > # logfile /var/log/nscd.log > # threads 6 > # server-user nobody > # debug-level 0 > > enable-cache passwd yes > positive-time-to-live passwd 600 > negative-time-to-live passwd 20 > suggested-size passwd 211 I guess you have a lot more users than 211 ? You had ~100 users, didn't you ? and maybe you have som windows machine accounts as well ? The I would have set suggested-size for passwd to 2211 The same applies to suggested_size for groups. > check-files passwd yes > > enable-cache group yes > positive-time-to-live group 3600 > negative-time-to-live group 60 > suggested-size group 211 > check-files group yes > > # !!!!!WARNING!!!!! Host cache is insecure!!! The mechanism in nscd to > # cache hosts will cause your local system to not be able to trust > # forward/reverse lookup checks DO NOT USE THIS if your system relies on > # this sort of security mechanism. Use a caching DNS server instead. > enable-cache hosts no > positive-time-to-live hosts 3600 > negative-time-to-live hosts 20 > suggested-size hosts 211 > check-files hosts yes > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Finn-Arne Johansen [EMAIL PROTECTED] http://bzz.no/
