David Parker <dpar...@utica.edu> wrote:

> Well, crap.  It turns out this isn't a problem.  PAM is configured for
> LDAP authentication and so it opens a connection each time I log in,
> owned by my sshd process, even though it's not using LDAP
> authentication for root.  And the other LDAP queries I'm seeing are
> being sent when users authenticate via sendmail.  Case closed!

This is why you use libpam-ldapd (instead of libpam-ldap) in combination
with libnss-ldapd (instead of libnss-ldap).

Its design with a separate daemon (nslcd) doing the actual LDAP
connection is far superior compared to the original lib*-ldap code.

It also means that libldap itself is only mapped into the central
server process and not into every process on the system. 


Sigmentation fault. Core dumped.

Reply via email to