| View previous topic :: View next topic |
| Author |
Message |
plut0
Apprentice
Joined: 21 Dec 2004
Posts: 272
|
 Posted: Sat Oct 11, 2008 3:57 pm Post subject: nss_ldap: could not search LDAP server - Server is unavailab |
 |
|
This server won't finish booting as it gets stuck on 3 init scripts. I've narrowed this down by using the interactive boot and found which specific ones it was getting stuck on. Those services are vmware-tools, clamd, and nrpe. I've also figured out why they are hanging on bootup. The server that hangs on bootup, lets call it serverA. I have another server hosting an ldap server, serverB. The reason serverA is hanging is because it cannot contact the LDAP server on serverB. The fix is to restart slapd on serverB while serverA is booting up. Very strange huh? Anyways, how can I resolve this issue permanently?
emerge --info:
| Code: | Portage 2.1.4.5 (hardened/amd64/multilib, gcc-3.4.6, glibc-2.6.1-r0, 2.6.25-hardened-r5 x86_64)
=================================================================
System uname: 2.6.25-hardened-r5 x86_64 AMD Athlon(tm) 64 Processor 3200+
Timestamp of tree: Sat, 11 Oct 2008 07:05:01 +0000
distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
ccache version 2.4 [enabled]
app-shells/bash: 3.2_p33
dev-lang/python: 2.5.2-r7
dev-util/ccache: 2.4-r7
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox: 1.2.18.1-r2
sys-devel/autoconf: 2.13, 2.61-r2
sys-devel/automake: 1.4_p6, 1.5, 1.9.6-r2, 1.10.1-r1
sys-devel/binutils: 2.18-r3
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool: 1.5.26
virtual/os-headers: 2.6.23-r3
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=k8 -fomit-frame-pointer"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -pipe -march=k8 -fomit-frame-pointer"
DISTDIR="/var/tmp/distfiles"
EMERGE_DEFAULT_OPTS="--alphabetical"
FEATURES="autoconfig ccache digest distlocks dstlocks metadata-transfer parallel parallel-fetch sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
LANG="en_US"
LC_ALL="en_US"
LINGUAS="en en_US"
MAKEOPTS="-j2"
PKGDIR="/var/tmp/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local/layman/sunrise /usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="acl amd64 apache2 bash-completion berkdb bzip2 cracklib crypt doc gcj hardened javascript jpeg justify ldap midi nls nptl nptlonly pam perl pic png readline samba skey snmp sse sse2 sse3 ssl tcpd threads tiff urandom vhosts xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="mouse keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_US" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i810 mach64 mga neomagic nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga vmware voodoo"
Unset: CPPFLAGS, CTARGET, FFLAGS, INSTALL_MASK, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS |
/etc/pam.d/system-auth:
| Code: | auth required pam_env.so
auth sufficient pam_unix.so try_first_pass likeauth nullok
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so
account required pam_ldap.so ignore_unknown_user ignore_authinfo_unavail
account required pam_unix.so
password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 try_first_pass retry=3
password sufficient pam_unix.so try_first_pass use_authtok nullok md5 shadow
password sufficient pam_ldap.so use_authtok use_first_pass
password required pam_deny.so
session required pam_limits.so
session required pam_env.so
session required pam_unix.so
session optional pam_ldap.so
session optional pam_mkhomedir.so skel=/etc/skel umask=0022 |
/etc/nsswitch.conf:
| Code: | passwd: compat ldap
shadow: compat ldap
group: compat ldap
# passwd: db files nis
# shadow: db files nis
# group: db files nis
hosts: files dns ldap
networks: files dns ldap
services: db files ldap
protocols: db files ldap
rpc: db files ldap
ethers: db files ldap
netmasks: files
netgroup: files ldap
bootparams: files
automount: files
aliases: files |
Last edited by plut0 on Mon Jan 26, 2009 9:15 pm; edited 1 time in total |
|
| Back to top |
|
 |
plut0
Apprentice
Joined: 21 Dec 2004
Posts: 272
|
| Posted: Wed Dec 17, 2008 1:02 am Post subject: |
|
|
| Still looking for help on this. |
|
| Back to top |
|
|
plut0
Apprentice
Joined: 21 Dec 2004
Posts: 272
|
| Posted: Mon Jan 26, 2009 9:21 pm Post subject: |
|
|
Here is part of the bootup log:
| Code: | Jan 26 15:39:07 serverA apache2: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:39:07 serverA apache2: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:39:13 serverA apache2: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:39:13 serverA apache2: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:39:13 serverA apache2: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:39:13 serverA apache2: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:39:16 serverA clamd: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:39:16 serverA clamd: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:44:31 serverA freshclam: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:44:31 serverA freshclam: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:44:49 serverA fcron[8624]: fcron[8624] 3.0.4 started
Jan 26 15:44:49 serverA fcron[8624]: updating configuration from /var/spool/fcron
Jan 26 15:44:49 serverA fcron[8624]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:44:49 serverA fcron[8624]: ignoring file "vmail" : not in passwd file.: Transport endpoint is not connected
Jan 26 15:44:49 serverA fcron[8624]: adding file root
Jan 26 15:44:49 serverA fcron[8624]: adding file amavis
Jan 26 15:44:49 serverA dovecot-auth: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:45:10 serverA fcron[8708]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:45:10 serverA fcron[8708]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:45:13 serverA perl: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:46:03 serverA fcron[8714]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:46:03 serverA fcron[8714]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:46:46 serverA sshd[8723]: pam_ldap: ldap_starttls_s: Can't contact LDAP server
Jan 26 15:46:46 serverA sshd[8723]: pam_ldap: ldap_simple_bind Can't contact LDAP server
Jan 26 15:46:47 serverA sshd[8723]: pam_ldap: ldap_simple_bind Can't contact LDAP server
Jan 26 15:46:47 serverA sshd[8723]: pam_ldap: ldap_simple_bind Can't contact LDAP server
Jan 26 15:46:49 serverA sshd[8725]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:46:49 serverA sshd[8725]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:46:49 serverA perl: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:46:55 serverA perl: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:36 serverA start-stop-daemon: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:36 serverA amavis[8734]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:36 serverA perl: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:36 serverA su[8853]: pam_ldap: ldap_starttls_s: Connect error
Jan 26 15:53:36 serverA su[8824]: pam_ldap: ldap_starttls_s: Connect error
Jan 26 15:53:36 serverA su[8827]: pam_ldap: ldap_starttls_s: Connect error
Jan 26 15:53:36 serverA fcron[8838]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:36 serverA sudo: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:36 serverA start-stop-daemon: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:36 serverA fcron[8838]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:36 serverA fcron[8868]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:36 serverA sudo: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:36 serverA fcron[8868]: nss_ldap: could not search LDAP server - Server is unavailable
Jan 26 15:53:48 serverA su[8827]: pam_ldap: ldap_result Can't contact LDAP server
Jan 26 15:53:50 serverA su[8824]: pam_ldap: ldap_result Can't contact LDAP server |
|
|
| Back to top |
|
|
Ladius
n00b
Joined: 23 Jan 2003
Posts: 39
Location: California, USA
|
| Posted: Wed Feb 04, 2009 6:18 pm Post subject: |
|
|
Sounds like you need to check your ldap.conf settings that are used for pam_ldap and nss_ldap.
This link might be of use http://www.liquidx.net/blog/2006/04/03/nss_ldap-undocumented-nss_reconnect_tries/.
Likely what is halting your boot is very similar to the article author in that your serverA is attempting to query ldap for user/groups. The reason it works when your reboot ServerB's slapd is that instead of a connection it falls back to the local /etc/password and /etc/group files allowing it to continue. |
|
| Back to top |
|
|
plut0
Apprentice
Joined: 21 Dec 2004
Posts: 272
|
| Posted: Tue Mar 17, 2009 2:26 am Post subject: |
|
|
This seems to be a much deeper issue. I got this error on the console when attempting to login eventually failed and timed out with this error:
| Code: | | ldap_parse_result assertion `r != ((void *)0) failed' |
Google shows this might be an issue with the storage backend. I am using ldbm. |
|
| Back to top |
|
|
|
Other Things Gentoo
