Cyrus and SASL ldapdb = SIGABRT (SOLVED)
Andrew Morgan
morgan at orst.edu
Thu Jul 19 16:37:54 EDT 2007
On Thu, 19 Jul 2007, Rouven Sacha wrote:
> Am Donnerstag, den 19.07.2007, 16:29 +0200 schrieb Rouven Sacha:
>> A small update:
>>
>> the problem seems to disappear if i disable libnss-ldap in nsswitch.conf
>> - which is no long term solution for me, unfortunately.
>
> Hi Folks,
>
> I managed to find a solution. It's a Debian Bug. libnss-ldap.conf has
> permissions set to 0600, so Cyrus isn't able to access it and aborts.
> Wonder why it doesn't do it at the first time, but nevertheless.
>
> The bug is described here:
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376277
On a busy server, you'll want to run nscd to cache lookups anyways, and
since nscd runs as root it won't have problems with 600 permissions. In
general, libnss-ldap.conf may contains your ldap binddn and password so
you wouldn't want it to be publicly readable. On a closed server this
wouldn't matter much though.
Andy
More information about the Info-cyrus
mailing list