RE: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: "Howard Wilkinson" <howard [at] cohtech.com>
To: "Thomas Glanzmann" <thomas [at] glanzmann.de>
Cc: "Matthew Hardin" <mhardin [at] symas.com>, "Luke Howard" <lukeh [at] padl.com>, <nssldap [at] padl.com>, <Bernhard.Thalmayr [at] sun.com>
Subject: RE: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core
Date: Wed, 30 Dec 2009 13:52:41 -0000

Thomas et al,
 
making progress. We can now get the library to run under Solaris 10u8. We had 
to add a 'trick' to the exports.solaris to get the code to dynamic load. The 
interface gss_krb5_ccache_name is implemented inside the mech_krb5 library on 
Solaris 10 (and is marked as private to the library despite being a global 
symbol) so we added the line
 

                gss_krb5_ccache_name = FUNCTION FILTER 
/usr/lib/gss/mech_krb5.so.1;

in the local section of the mapfile. The full path was necessary as the 
mech_krb5.so.1 file was not in the search path at link time.
 
The code now runs and it producing results. 'Getent passwd' works so long as 
nscd is not running. If nscd is started then 'getent passwd username' works but 
'getent passwd' does not. Anybody seen anything like this and can point me at 
what the Solaris NSCD is doing. Note we have set the ldap cache to be a fake 
service so that may be throwing nscd.
 
Howard.
 
Coherent Technology Limited, 23 Northampton Square, Finsbury, London EC1V 0HL, 
United Kingdom
Telephone: +44 20 3355 6467 Mobile: +44 7980 639379
Company Email: coherent@cohtech.com Website: http://www.cohtech.com 
<http://www.cohtech.com/>  

________________________________

From: owner-nssldap@padl.com on behalf of Thomas Glanzmann
Sent: Tue 2009-12-29 15:13
To: Howard Wilkinson
Cc: Matthew Hardin; Luke Howard; nssldap@padl.com; Bernhard.Thalmayr@Sun.COM
Subject: Re: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core



Hello Howard,

> thank you for the information. Can you comment on why you chose to
> statically link the libraries that nss_ldap calls in?

if a programm that wants to use nss_ldap.so via libc has another version
of the libs that nss_ldap.so need, it will crash. That's why I choose to
compile everything static in.

> We have been trying to use dynamic linking and keep being told that
> the routine gss_krb5_ccache_name does not exist, despite the fact that
> we can see it in the mech_krb5.so.1 library file.

What does ldd /path/to/nss_ldap.so say?

        Thomas

RE: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core, (continued)

Prev by Date: Re: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core
Next by Date: Re: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core
Previous by thread: Re: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core
Next by thread: Re: [nssldap] Solaris 10 update 5 - nss_ldap makes nscd dump core