Bug#407788: x11-common init script cause bootup hang when using nss_ldap for LDAP-based user and groups
tag 407788 pending kthxbye On Sun, Jan 21, 2007 at 14:11:51 +0100, Andreas Unterkircher wrote: We use nss_ldap for getting our OpenLDAP users available on the Linux boxes. During bootup x11-common init script invokes two times chown 0:0 $SOCKET_DIR chown 0:0 $ICE_DIR which looks like to cause NSS to reverse lookup the user and group behind 0. As the network hasn't started yet or isn't connected the box hangs for a very long time in this step (it works to press CTRL+C, but for a remote box this is not always possible). I'll change the chown calls to root:root. However I'm surprised you say that this happens before networking is up, because x11-common's script is in rcS.d/S70 while networking is brought up by rcS.d/S40networking. Cheers, Julien signature.asc Description: Digital signature
Bug#407788: x11-common init script cause bootup hang when using nss_ldap for LDAP-based user and groups
Hi Julien, I opened this bug one year ago, so I'm not sure what I meant with network hasn't started yet (perhaps a not working DHCP...). Anyway, if the network cable is unplugged, or the LDAP server is simply not reachable, it is indeed hanging around in x11-common init script. Cheers, Andreas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#407788: x11-common init script cause bootup hang when using nss_ldap for LDAP-based user and groups
Hi, I did encounter the same the exactly same problem changing to root:root definitely fixes this issue. Laurent -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#407788: x11-common init script cause bootup hang when using nss_ldap for LDAP-based user and groups
Hello Brice, I can confirm that this still happens with etch. Like written in the bug report it seems this is a issue with nsswitch and ldap (and also probably with other network-based nss modules). But I opened this bug for x11-common, because the question is why they initscript /etc/init.d/x11-common uses 0:0 instead of root:root in line 37 and 51. If this script would use chown root:root $ICE_DIR, libnss-ldap would ignore this lookup request if specified in nss_initgroups_ignoreusers and the script wouldn't hang during bootup. I have already tested this. Cheers, Andreas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#407788: x11-common init script cause bootup hang when using nss_ldap for LDAP-based user and groups
Hi Andreas, Does this problem about the x11-common init script causing a hang during boot still occurs today? It might be a nss problem since your nsswitch.conf should probably not make nss use ldap for user/group 0. Brice -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#407788: x11-common init script cause bootup hang when using nss_ldap for LDAP-based user and groups
Package: x11-common Version: 1:7.1.0-10 Severity: important My first Debian bug report - so kindly ask for patient. We use nss_ldap for getting our OpenLDAP users available on the Linux boxes. During bootup x11-common init script invokes two times chown 0:0 $SOCKET_DIR chown 0:0 $ICE_DIR which looks like to cause NSS to reverse lookup the user and group behind 0. As the network hasn't started yet or isn't connected the box hangs for a very long time in this step (it works to press CTRL+C, but for a remote box this is not always possible). I recompiled libnss-ldap with debugging enabled which shows up several queries which are looking for a user during haning around in x11-common: ((objectClass=posixAccount)(uid=0) and after a timeout ((objectClass=posixAccount)(cn=0) Simply changing these lines to chown root:root is a quick fix for that issue. But I guess somebody had a reason to use 0:0 for this - most probably to avoid forward lookups user - id. Basically I'm not sure why this hang happens. Why should a chown with id's cause a reverse lookup. /etc/nsswitch.conf say - first files, second ldap: passwd: files ldap group: files ldap root is indeed in the local files: [EMAIL PROTECTED]:~$ grep root /etc/passwd root:x:0:0:root:/root:/bin/bash [EMAIL PROTECTED]:~$ grep root /etc/group root:x:0: Furthermore we have specified in libnss-ldap.conf the parameter nss_initgroups_ignoreusers root which cause nss_ldap to not do group enumerations for the user root - but it looks like this parameter is ignored on a reverse lookup. Regards, Andreas -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-686 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages x11-common depends on: ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy ii debianutils 2.17 Miscellaneous utilities specific t ii lsb-base 3.1-22 Linux Standard Base 3.1 init scrip x11-common recommends no packages. -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
