Host name lookup hangs with nss_ldap

[dwestf]

After an update to our Gentoo server, it will no longer lookup host names from ldap locally (it is the ldap server). A getent hosts will return all hosts names from ldap. If you try to lookup an single hostname with ping, ssh, or someother command the lookup hangs. It does not time out or return an error but will sit until you break it. Ldap hostname lookup works on all clients, including other gentoo boxes. Using wireshark I see that there is no attempt to connect to ldap on the server when trying hostname lookups. When getent hosts is entered Wireshark shows conection with ldap and ldap responds with all host names. We are not having any problems with user or group lookups. I don't believe that this is a problem with openldap because it is never contacted.

System has just had two emerge -e system builds followed by revdep and two emerge -e world builds (full, very conservative update that was long overdue). This was succesfully completed.

After reboot still had same problem, removed nss_ldap and reemerged, no change.

To work around this problem I appended the output from getent hosts to /etc/hosts and removed ldap from the hosts: line in /etc/nsswitch.conf.

Any ideas what may be causing this?




/etc/nsswitch.conf:
# $Header: /home/cvsroot/gentoo-src/rc-scripts/etc/nsswitch.conf,v 1.4 2002/11/18 19:39:22 azarah Exp $

passwd: files ldap
shadow: files ldap
group: files ldap

hosts: files ldap dns
networks: files ldap

services: files
protocols: files db
rpc: db files
ethers: db files
netmasks: files
netgroup: files
bootparams: files

automount: files
aliases: files



/etc/ldap.conf (Without comment lines):
host 127.0.0.1
base dc=CTL,dc=CrewSystems
SIZELIMIT 200
TIMELIMIT 2
DEREF never
rootbinddn cn=Manager,dc=CrewSystems
bind_policy soft
pam_password exop
nss_base_passwd ou=People,dc=CTL,dc=CrewSystems?one
nss_base_shadow ou=People,dc=CTL,dc=CrewSystems?one
nss_base_group ou=Group,dc=CTL,dc=CrewSystems?one
nss_base_hosts ou=Hosts,dc=CTL,dc=CrewSystems?one
suffix "dc=CrewSystems"
uri ldap://localhost
pam_password exop
ldap_version 3
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid
scope one
sudoers_base ou=SUDOers,dc=CTL,dc=CrewSystems


Ldap versions:
* sys-auth/nss_ldap
Latest version available: 253
Latest version installed: 253

* net-nds/openldap
Latest version available: 2.3.35-r1
Latest version installed: 2.3.35-r1

emerge --info:
Portage 2.1.2.11 (default-linux/x86/2007.0/server, gcc-3.4.6, glibc-2.5-r4, 2.6.
21-gentoo-r4 i686)
=================================================================
System uname: 2.6.21-gentoo-r4 i686 Intel(R) XEON(TM) CPU 2.20GHz
Gentoo Base System release 1.12.9
Timestamp of tree: Thu, 23 Aug 2007 01:47:01 +0000
dev-lang/python: 2.4.4-r4
dev-python/pycrypto: 2.0.1-r6
sys-apps/sandbox: 1.2.17
sys-devel/autoconf: 2.13, 2.61
sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils: 2.17
sys-devel/gcc-config: 1.3.16
sys-devel/libtool: 1.5.23b
virtual/os-headers: 2.6.21
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=i686 -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/php/apache2-php4/ext-active/ /etc/php/cgi-php4/ext-active/ /etc/php/cli-php4/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c"
CXXFLAGS="-O2 -march=i686 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks metadata-transfer sandbox sfperms strict"
GENTOO_MIRRORS="http://distro.ibiblio.org/pub/linux/dis ... ns/gentoo/ http://www.gtlib.gatech.edu/pub/gentoo http://gentoo.mirrors.tds.net/gentoo http://mirror.datapipe.net/gentoo http://files.gentoo.org http://public.planetmirror.com/pub/gentoo/ "
LINGUAS="en"
MAKEOPTS="-j1"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress--force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X acl apaceh2 apache2 berkdb bitmap-fonts cdr cli cracklib crypt cups doc dri expat foomaticdb fortran gdbm gpm gtk iconv ipv6 isdnlog jabber jpg krb4 ldap mailwrapper midi mudflap mysql ncurses nis nls nptl nptlonly openmp pam pcre perl png pppd python readline reflection sasl session snmp spl ssl swat tcpd truetype truetype-fonts type1-fonts unicode x86 xml xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 e
s1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" USERLAND="GNU" VIDEO_CARDS="apm arkchips cirrus cyrix dummy fbdev glint i128 i740 i810 imstt mach64 mga neomagic ns
c nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo"
Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY

[svf]

hey,

i have the same prob. looks like there's a bug from 2004

http://bugzilla.padl.com/show_bug.cgi?id=176 and

http://bugs.donarmstrong.com/cgi-bin/bu ... bug=218958

so i don't thinkt this will be fixed soon