nss_ldap broken with sshd on amd64 -stable
Sean McNeil
sean at mcneil.com
Fri Jan 13 00:33:57 PST 2006
Just found that sshd and nss_ldap is broken with the latest version.
Reverting to NSS_LDAP_VERSION=239 restores functionality.
The problem I believe is with getpwuid(). It looks like it is returning
NULL. I see:
login_get_lastlog: Cannot find account for uid X
from sshd.
I get the following additional errors with NSS_LDAP_VERSION=244:
sshd[]: nss_ldap: could not search LDAP server - Server is unavailable
sshd[]: fatal: login_get_lastlog: Cannot find account for uid 501
sshd[]: syslogin_perform_logout: logout() returned an error
Odd thing is, I see the following with 239:
sshd[]: nss_ldap: reconnecting to LDAP server...
sshd[]: nss_ldap: reconnected to LDAP server after 1 attempt(s)
with a successful login with sshd.
The only real difference I have in nss_ldap.conf from the standard is
bind_policy soft
Sean
More information about the freebsd-amd64
mailing list