RE: [nssldap] Re: Re: disconnected nss_ldap
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
RE: [nssldap] Re: Re: disconnected nss_ldap
- From: "Howard Wilkinson" <howard [at] cohtech.com>
- To: "Brian J. Murrell" <brian [at] interlinx.bc.ca>, <nssldap [at] padl.com>
- Subject: RE: [nssldap] Re: Re: disconnected nss_ldap
- Date: Tue, 27 Oct 2009 12:24:37 -0000
Brian et al,
I think the problem with the nscd issue may be a bug in nss_ldap's interface
with the nsswitch interface.
.......
nscd really does seem like it would complete the solution if it
didn't
suffer from redhat bug 2132.
Cheers,
b.
I have looked into the nss_ldap code and it responds with NSS_STATUS_UNAVAIL,
errno = EPERM for the following cases.
LDAP_SERVER_DOWN, LDAP_TIMEOUT, LDAP_UNAVAILABLE, LDAP_BUSY,
LDAP_CONNECT_ERROR, LDAP_LOCAL_ERROR, LDAP_INVALID_CREDENTIALS.
The last 2 are I suspect correct but the first 5 are really candidates for
'server has gone away'. I suspect, but can't quite decide whether I am right,
that the code should respond with either NSS_STATUS_TRYAGAIN, errno != ERANGE,
or NSS_STATUS_UNAVAIL, errno = EAGAIN for the cache to continue to be populated
with the entry.
If anybody who understands the nsswitch internals can confirm which is the
correct response I will patch the nss_ldap library (I have half a patch
already) and try this out.
Howard.
- Re: [nssldap] Re: disconnected nss_ldap, (continued)