[nssldap] Re: Solaris 10: As soon as nscd is running getpwnam on a ldap account fails
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[nssldap] Re: Solaris 10: As soon as nscd is running getpwnam on a ldap account fails
- From: Thomas Glanzmann <thomas [at] glanzmann.de>
- To: nssldap [at] padl.com
- Subject: [nssldap] Re: Solaris 10: As soon as nscd is running getpwnam on a ldap account fails
- Date: Sun, 8 Jun 2008 17:00:13 +0200
Hello,
I managed today to build an omnipotent nss_ldap and pam_krb5_310 that works with
Solaris 10 U5 (still without nscd). I wonder why noone published howto to do
that before. (Deps: libnet, openssl, krb5, sasl2, openldap).
http://git.informatik.uni-erlangen.de/?p=blastwave;a=blob;f=specs/nss-ldap;h=35348abd4e3c2d1cc858326b1d229ac066c7b6a6;hb=a314b8093d40a66eec8d3af4afc03176ad2897a0
However, I'm still stuck with nscd. So I called nm on the original
nss_ldap.so.1 which Solaris provied on Update 5 with the latest
patchset.
-bash-3.00$ /usr/ccs/bin/nm nss_ldap.so.1.off | grep GLOB | grep -v UNDEF
[330] | 0| 0|OBJT |GLOB |0 |ABS |SUNWprivate_1.1
[324] | 114904| 0|OBJT |GLOB |0 |16 |_DYNAMIC
[350] | 114688| 0|OBJT |GLOB |0 |15 |_GLOBAL_OFFSET_TABLE_
[361] | 6252| 0|OBJT |GLOB |0 |9 |_PROCEDURE_LINKAGE_TABLE_
[368] | 118033| 0|OBJT |GLOB |0 |19 |_edata
[333] | 118033| 0|OBJT |GLOB |0 |20 |_end
[363] | 45422| 0|OBJT |GLOB |0 |14 |_etext
[385] | 8615| 59|FUNC |GLOB |0 |10
|_nss_ldap_audit_user_constr
[369] | 7918| 59|FUNC |GLOB |0 |10
|_nss_ldap_auth_attr_constr
[380] | 9324| 59|FUNC |GLOB |0 |10
|_nss_ldap_bootparams_constr
[373] | 10090| 59|FUNC |GLOB |0 |10 |_nss_ldap_ethers_constr
[359] | 13171| 59|FUNC |GLOB |0 |10
|_nss_ldap_exec_attr_constr
[384] | 14820| 59|FUNC |GLOB |0 |10 |_nss_ldap_group_constr
[331] | 17097| 59|FUNC |GLOB |0 |10 |_nss_ldap_hosts_constr
[326] | 18177| 59|FUNC |GLOB |0 |10 |_nss_ldap_ipnodes_constr
[376] | 24569| 54|FUNC |GLOB |0 |10 |_nss_ldap_netgroup_constr
[362] | 25031| 59|FUNC |GLOB |0 |10 |_nss_ldap_netmasks_constr
[374] | 20303| 59|FUNC |GLOB |0 |10 |_nss_ldap_networks_constr
[398] | 29054| 59|FUNC |GLOB |0 |10 |_nss_ldap_passwd_constr
[390] | 30181| 58|FUNC |GLOB |0 |10 |_nss_ldap_printers_constr
[321] | 25878| 59|FUNC |GLOB |0 |10
|_nss_ldap_prof_attr_constr
[358] | 26822| 59|FUNC |GLOB |0 |10 |_nss_ldap_project_constr
[356] | 27998| 59|FUNC |GLOB |0 |10
|_nss_ldap_protocols_constr
[395] | 19021| 59|FUNC |GLOB |0 |10
|_nss_ldap_publickey_constr
[341] | 31104| 59|FUNC |GLOB |0 |10 |_nss_ldap_rpc_constr
[367] | 33019| 59|FUNC |GLOB |0 |10 |_nss_ldap_services_constr
[387] | 33807| 59|FUNC |GLOB |0 |10 |_nss_ldap_shadow_constr
[349] | 35389| 59|FUNC |GLOB |0 |10 |_nss_ldap_tnrhdb_constr
[377] | 35924| 59|FUNC |GLOB |0 |10 |_nss_ldap_tnrhtp_constr
[364] | 34654| 59|FUNC |GLOB |0 |10
|_nss_ldap_user_attr_constr
After that I look at the exported symbols of nss_ldap (see also export.solaris
in the nss_ldap distribution):
-bash-3.00$ /usr/ccs/bin/nm nss_ldap.so.1 | grep GLOB | grep -v UNDEF
[16346] | 3863200| 0|OBJT |GLOB |0 |22 |_DYNAMIC
[16403] | 3862036| 0|OBJT |GLOB |0 |21 |_GLOBAL_OFFSET_TABLE_
[16364] | 430276| 0|OBJT |GLOB |0 |15 |_PROCEDURE_LINKAGE_TABLE_
[16428] | 519264| 121|FUNC |GLOB |0 |16 |__ns_ldap_endEntry
[16314] | 519776| 205|FUNC |GLOB |0 |16 |__ns_ldap_err2str
[16373] | 518864| 237|FUNC |GLOB |0 |16 |__ns_ldap_firstEntry
[16309] | 512432| 153|FUNC |GLOB |0 |16 |__ns_ldap_freeEntry
[16318] | 511872| 129|FUNC |GLOB |0 |16 |__ns_ldap_freeError
[16445] | 512592| 157|FUNC |GLOB |0 |16 |__ns_ldap_freeResult
[16282] | 511408| 85|FUNC |GLOB |0 |16
|__ns_ldap_getMappedAttributes
[16278] | 511504| 85|FUNC |GLOB |0 |16
|__ns_ldap_getMappedObjectClass
[16394] | 512160| 109|FUNC |GLOB |0 |16 |__ns_ldap_getParam
[16411] | 519392| 369|FUNC |GLOB |0 |16 |__ns_ldap_list
[16261] | 519104| 153|FUNC |GLOB |0 |16 |__ns_ldap_nextEntry
[16473] | 3978888| 0|OBJT |GLOB |0 |26 |_edata
[16315] | 4034680| 0|OBJT |GLOB |0 |27 |_end
[16376] | 3796500| 0|OBJT |GLOB |0 |20 |_etext
[16323] | 491712| 25|FUNC |GLOB |0 |16
|_nss_ldap_bootparams_constr
[16281] | 491168| 109|FUNC |GLOB |0 |16 |_nss_ldap_ethers_constr
[16361] | 470240| 109|FUNC |GLOB |0 |16 |_nss_ldap_group_constr
[16272] | 478544| 109|FUNC |GLOB |0 |16 |_nss_ldap_hosts_constr
[16420] | 475520| 141|FUNC |GLOB |0 |16 |_nss_ldap_netgroup_constr
[16412] | 480208| 109|FUNC |GLOB |0 |16 |_nss_ldap_networks_constr
[16363] | 463440| 109|FUNC |GLOB |0 |16 |_nss_ldap_passwd_constr
[16434] | 481328| 109|FUNC |GLOB |0 |16
|_nss_ldap_protocols_constr
[16444] | 476672| 109|FUNC |GLOB |0 |16 |_nss_ldap_rpc_constr
[16273] | 484624| 109|FUNC |GLOB |0 |16 |_nss_ldap_services_constr
[16407] | 482832| 109|FUNC |GLOB |0 |16 |_nss_ldap_shadow_constr
[16418] | 0| 0|OBJT |GLOB |0 |ABS |nss_ldap.so.1
What you can see here is, that a few symbols are gone and a few new are in. Has
someone already had a look at this?
(u5) [/var/tmp/sithglan-pkg/nss_ldap-260] gdiff -ruN padl sun
--- padl 2008-06-08 16:51:53.390905000 +0200
+++ sun 2008-06-08 16:47:01.055021000 +0200
@@ -1,22 +1,23 @@
-__ns_ldap_endEntry
-__ns_ldap_err2str
-__ns_ldap_firstEntry
-__ns_ldap_freeEntry
-__ns_ldap_freeError
-__ns_ldap_freeResult
-__ns_ldap_getMappedAttributes
-__ns_ldap_getMappedObjectClass
-__ns_ldap_getParam
-__ns_ldap_list
-__ns_ldap_nextEntry
+_nss_ldap_audit_user_constr
+_nss_ldap_auth_attr_constr
_nss_ldap_bootparams_constr
_nss_ldap_ethers_constr
+_nss_ldap_exec_attr_constr
_nss_ldap_group_constr
_nss_ldap_hosts_constr
+_nss_ldap_ipnodes_constr
_nss_ldap_netgroup_constr
+_nss_ldap_netmasks_constr
_nss_ldap_networks_constr
_nss_ldap_passwd_constr
+_nss_ldap_printers_constr
+_nss_ldap_prof_attr_constr
+_nss_ldap_project_constr
_nss_ldap_protocols_constr
+_nss_ldap_publickey_constr
_nss_ldap_rpc_constr
_nss_ldap_services_constr
_nss_ldap_shadow_constr
+_nss_ldap_tnrhdb_constr
+_nss_ldap_tnrhtp_constr
+_nss_ldap_user_attr_constr
So, I guess the following symbols are missing and this is why my nscd keeps
failing on me:
_nss_ldap_exec_attr_constr
_nss_ldap_ipnodes_constr
_nss_ldap_netmasks_constr
_nss_ldap_printers_constr
_nss_ldap_prof_attr_constr
_nss_ldap_project_constr
_nss_ldap_publickey_constr
_nss_ldap_tnrhdb_constr
_nss_ldap_tnrhtp_constr
_nss_ldap_user_attr_constr
I'm also wondering if I am the only one who is needs this patch to get
nss_ldap working _without_ debugging enabled under Solaris 10 using gcc,
forte11 and forte12:
http://git.informatik.uni-erlangen.de/?p=blastwave;a=blob;f=sources/nss_ldap.patch;h=c1371d22b1c691d3106c105a95bb8264f9368b55;hb=a314b8093d40a66eec8d3af4afc03176ad2897a0
Thomas