Re: nslcd: error reading from client: Success

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: nslcd: error reading from client: Success
Date: Fri, 30 May 2014 23:31:25 +0200

On Fri, 2014-05-30 at 17:17 +0530, varun mittal wrote:
> We are seeing this nslcd error when clients are trying 'chown' over
> NFS shares.
> After searching over the net I cam across this :
> http://lists.arthurdejong.org/nss-pam-ldapd-users/2013/msg00002.html

You are seeing
  nslcd: error reading from client: Success
in the logs when the chown is issued? Is this on the NFS server or the
client?

The "error reading from client" should only be logged if there was some
problem reading a request for a name lookup. I think the "Success" part
should only be logged if the connection is closed by the client.

> So my queries are:
> 1. How to confirm that our issue is the same one ?

The easiest way to get more information is to run nslcd in debug mode to
see what is going on. Is the error easy to reproduce? Are there a lot of
lookups going on?

> 2. The link seems to suggest it's an application side issue and not an
> nss-pam-ldapd issue. Is that correct ? Can we get more details about
> the issue and the fix ?

The thread pointed out above was about nslcd not handling queries well
when it is overloaded.

Another issue that was mentioned in the thread was a fix for when a
large number of file descriptors are open. This should not affect nslcd
itself but could affect the NSS and PAM modules.

If there are applications with more than FD_SETSIZE (commonly 1024) file
open NSS lookups will fail (conceivably with the error message you're
seeing). The 0.8 version should handle such situations much better.

Other countermeasures that you can take on such systems is to run
(u)nscd. This is a good idea anyway on heavily loaded systems (if you
are not seeing issues with (u)nscd) as it avoids hitting the LDAP server
too often.

Another option is to increase the number of threads. This will reduce
the number of applications that are waiting on NSS lookups but may
increase the load on your LDAP server.

Hope this helps,

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

nslcd: error reading from client: Success, varun mittal
- Re: nslcd: error reading from client: Success, Arthur de Jong
- Re: nslcd: error reading from client: Success, varun mittal
  - Re: nslcd: error reading from client: Success, varun mittal
- <Possible follow-ups>
- nslcd: error reading from client: Success, varun mittal

Prev by Date: nslcd: error reading from client: Success
Next by Date: nslcd: error reading from client: Success
Previous by thread: nslcd: error reading from client: Success
Next by thread: Re: nslcd: error reading from client: Success