RE: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
RE: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core
- From: "Howard Wilkinson" <howard [at] cohtech.com>
- To: "Thomas Glanzmann" <thomas [at] glanzmann.de>
- Cc: "Matthew Hardin" <mhardin [at] symas.com>, "Luke Howard" <lukeh [at] padl.com>, <nssldap [at] padl.com>, <Bernhard.Thalmayr [at] sun.com>
- Subject: RE: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core
- Date: Wed, 30 Dec 2009 13:52:41 -0000
Thomas et al,
making progress. We can now get the library to run under Solaris 10u8. We had
to add a 'trick' to the exports.solaris to get the code to dynamic load. The
interface gss_krb5_ccache_name is implemented inside the mech_krb5 library on
Solaris 10 (and is marked as private to the library despite being a global
symbol) so we added the line
gss_krb5_ccache_name = FUNCTION FILTER
/usr/lib/gss/mech_krb5.so.1;
in the local section of the mapfile. The full path was necessary as the
mech_krb5.so.1 file was not in the search path at link time.
The code now runs and it producing results. 'Getent passwd' works so long as
nscd is not running. If nscd is started then 'getent passwd username' works but
'getent passwd' does not. Anybody seen anything like this and can point me at
what the Solaris NSCD is doing. Note we have set the ldap cache to be a fake
service so that may be throwing nscd.
Howard.
Coherent Technology Limited, 23 Northampton Square, Finsbury, London EC1V 0HL,
United Kingdom
Telephone: +44 20 3355 6467 Mobile: +44 7980 639379
Company Email: coherent@cohtech.com Website: http://www.cohtech.com
<http://www.cohtech.com/>
________________________________
From: owner-nssldap@padl.com on behalf of Thomas Glanzmann
Sent: Tue 2009-12-29 15:13
To: Howard Wilkinson
Cc: Matthew Hardin; Luke Howard; nssldap@padl.com; Bernhard.Thalmayr@Sun.COM
Subject: Re: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core
Hello Howard,
> thank you for the information. Can you comment on why you chose to
> statically link the libraries that nss_ldap calls in?
if a programm that wants to use nss_ldap.so via libc has another version
of the libs that nss_ldap.so need, it will crash. That's why I choose to
compile everything static in.
> We have been trying to use dynamic linking and keep being told that
> the routine gss_krb5_ccache_name does not exist, despite the fact that
> we can see it in the mech_krb5.so.1 library file.
What does ldd /path/to/nss_ldap.so say?
Thomas
- RE: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core, (continued)