Cyrus + LDAP = death by 13
Roland Felnhofer
roland.felnhofer at chello.at
Mon Mar 12 07:58:24 EST 2007
Hi Kos,
maybe I found the underlaying problem!!!
# Connection policy:
# persist: DSA connections are kept open (default)
# oneshot: DSA connections destroyed after request
+nss_connect_policy oneshot
-#nss_connect_policy persist
I set 'nss_connect_policy' to oneshot and Cyrus IMAP starts without
problems (so far - I'll run further test) !!!
I saw in the ldap.log that if I did a 'ls -all' over a directory the ldap
chat terminated (successfully - but nonetheless) with the following lines_
Mar 12 13:34:50 roka2 slapd[2942]: conn=449 op=4 SEARCH RESULT tag=101
err=0 nentries=1 text=
Mar 12 13:34:50 roka2 slapd[2942]: conn=449 fd=42 closed (connection lost)
I changed to and the chat ended with the following lines:
Mar 12 13:52:50 roka2 slapd[2942]: conn=511 op=1 SEARCH RESULT tag=101
err=0 nentries=1 text=
Mar 12 13:52:50 roka2 slapd[2942]: conn=511 op=2 UNBIND
Mar 12 13:52:50 roka2 slapd[2942]: conn=511 fd=42 closed
Where when I did a ldapsearch uid=whateveraccount it terminated with the
following lines:
Mar 12 13:55:53 roka2 slapd[2942]: conn=521 op=1 SEARCH RESULT tag=101
err=0 nentries=1 text=
Mar 12 13:55:53 roka2 slapd[2942]: conn=521 op=2 UNBIND
Mar 12 13:55:53 roka2 slapd[2942]: conn=521 fd=44 closed
I was irritated by 'closed (connection lost)'. 'Connection lost' does not
look like a clean termination of a communication.
Best regards
Roland
Some more nss_ldap testing results.
nss_ldap-255 NOT working
nss_ldap-254 NOT working
nss_ldap-253 NOT working
nss_ldap-252 NOT working
nss_ldap-251 NOT working
nss_ldap-250 NOT working
nss_ldap-249 NOT working
nss_ldap-248 NOT working
nss_ldap-247 - not tested -
nss_ldap-246 NOT working (SuSE source RPM)
nss_ldap-245 !! could not find source !!
nss_ldap-244 WORKING
nss_ldap-243 - not tested -
nss_ldap-242 - not tested -
nss_ldap-241 - not tested -
nss_ldap-240 WORKING
Guus, can you say what distro you using and what architecture you've
compiled it for? Since I have no problem on amd64, but on x86 it exists.
yours,
kos
Respectfully,
Konstantin V. Gavrilenko
Managing Director
Arhont Ltd - Information Security
web: http://www.arhont.com
http://www.wi-foo.com
e-mail: k.gavrilenko at arhont.com
tel: +44 (0) 870 44 31337
fax: +44 (0) 117 969 0141
PGP: Key ID - 0xE81824F4
PGP: Server - keyserver.pgp.com
Guus Leeuw jr. wrote:
More information about the Info-cyrus
mailing list