Actions
Bug #421
closed
nslcd service has stopped working
Added by Pierre-Louis Bonicoli over 10 years ago. Updated about 5 years ago.
Start date:
2014-12-26
Due date:
% Done:
100%
Estimated time:
Patch Available:
Confirmed:
Yes
Branch:
Entity:
DuckCorp
Security:
No
Help Needed:
Description
Apache LDAP authentication didn't work and /var/log/syslog contained:
Dec 26 14:15:54 toushirou nslcd[17714]: [025182] <passwd="*"> request denied by validnames option Dec 26 14:15:54 toushirou nslcd[17714]: [882a3f] <passwd="*"> request denied by validnames option Dec 26 14:15:55 toushirou nslcd[17714]: [f69ceb] <passwd="*"> request denied by validnames option Dec 26 14:15:55 toushirou nslcd[17714]: [2e9ade] <passwd="*"> request denied by validnames option
Slapd was working./etc/init.d/nslcd restart fixed the problem.
May be related to debian bug #753904.
Updated by Pierre-Louis Bonicoli over 10 years ago
Encounter again.
Apache LDAP module mod_ldap could be the culprit.
LDAPLibraryDebug 7 has been added to /etc/apache2/mods-enabled/ldap.conf and apache has been restarted.
Updated by Pierre-Louis Bonicoli over 10 years ago
It seems that mod_ldap is the culprit. LDAPConnectionPoolTTL 60 has been added to the configuration file (see https://issues.apache.org/bugzilla/show_bug.cgi?id=57203#c6).
first¶
[Sat Dec 27 16:25:21.258406 2014] [auth_basic:error] [pid 12151] [client 79.88.186.207:42973] AH01618: user gorou not found: /duck/gorou_verard/public/admin/bois/1572/bois_variantes/1804/bois_representation_images, referer: http://perso.duckcorp.org/duck/gorou_verard/public/admin/bois/1572/bois_variantes/1804/bois_representation_images/5873 [Sat Dec 27 16:25:24.708652 2014] [auth_basic:error] [pid 12151] [client 79.88.186.207:42973] AH01618: user gorou not found: /duck/gorou_verard/public/admin/bois/1572/bois_variantes/1804/bois_representation_images, referer: http://perso.duckcorp.org/duck/gorou_verard/public/admin/bois/1572/bois_variantes/1804/bois_representation_images/5873
** ld 0x7f74a184de70 Outstanding Requests: * msgid 1, origid 1, status InProgress outstanding referrals 0, parent count 0 ld 0x7f74a184de70 request count 1 (abandoned 0) ** ld 0x7f74a184de70 Response Queue: Empty ld 0x7f74a184de70 response count 0 ldap_chkResponseList ld 0x7f74a184de70 msgid 1 all 0 ldap_chkResponseList returns ld 0x7f74a184de70 NULL ldap_int_select read1msg: ld 0x7f74a184de70 msgid 1 all 0 read1msg: ld 0x7f74a184de70 msgid 1 message type bind read1msg: ld 0x7f74a184de70 0 new referrals read1msg: mark request completed, ld 0x7f74a184de70 msgid 1 request done: ld 0x7f74a184de70 msgid 1 res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 1, msgid 1) ldap_parse_result ldap_msgfree ldap_search_ext put_filter: "(&(objectClass=primaryAccount)(uid=damien))" put_filter: AND put_filter_list "(objectClass=primaryAccount)(uid=damien)" put_filter: "(objectClass=primaryAccount)" put_filter: simple put_simple_filter: "objectClass=primaryAccount" put_filter: "(uid=damien)" put_filter: simple put_simple_filter: "uid=damien" ldap_build_search_req ATTRS: uid mail cn ldap_send_initial_request ldap_send_server_request ldap_result ld 0x7f74a184de70 msgid 2 wait4msg ld 0x7f74a184de70 msgid 2 (timeout 60000000 usec) wait4msg continue ld 0x7f74a184de70 msgid 2 all 1 ** ld 0x7f74a184de70 Connections: * host: localhost port: 389 (default) refcnt: 2 status: Connected last used: Sat Dec 27 16:24:18 2014
** ld 0x7f74a184de70 Outstanding Requests: * msgid 3, origid 3, status InProgress outstanding referrals 0, parent count 0 ld 0x7f74a184de70 request count 1 (abandoned 0) ** ld 0x7f74a184de70 Response Queue: Empty ld 0x7f74a184de70 response count 0 ldap_chkResponseList ld 0x7f74a184de70 msgid 3 all 0 ldap_chkResponseList returns ld 0x7f74a184de70 NULL ldap_int_select read1msg: ld 0x7f74a184de70 msgid 3 all 0 read1msg: ld 0x7f74a184de70 msgid 3 message type bind read1msg: ld 0x7f74a184de70 0 new referrals read1msg: mark request completed, ld 0x7f74a184de70 msgid 3 request done: ld 0x7f74a184de70 msgid 3 res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 3, msgid 3) ldap_parse_result ldap_msgfree ldap_get_values ldap_get_values ldap_get_values ldap_msgfree ldap_search_ext put_filter: "(&(objectClass=baseAccount)(uid=gorou))" put_filter: AND put_filter_list "(objectClass=baseAccount)(uid=gorou)" put_filter: "(objectClass=baseAccount)" put_filter: simple put_simple_filter: "objectClass=baseAccount" put_filter: "(uid=gorou)" put_filter: simple put_simple_filter: "uid=gorou" ldap_build_search_req ATTRS: uid ldap_send_initial_request ldap_send_server_request ldap_result ld 0x7f74a184de70 msgid 4 wait4msg ld 0x7f74a184de70 msgid 4 (timeout 60000000 usec) wait4msg continue ld 0x7f74a184de70 msgid 4 all 1 ** ld 0x7f74a184de70 Connections: * host: localhost port: 389 (default) refcnt: 2 status: Connected last used: Sat Dec 27 16:25:21 2014
second¶
[Tue Dec 30 02:03:59.673857 2014] [auth_basic:error] [pid 2243] [client 79.88.186.207:57578] AH01618: user gorou not found: /duck/gorou_verard/public/admin/bois, referer: http://perso.duckcorp.org/duck/gorou_verard/public/admin/bois/1351 [Tue Dec 30 02:04:01.528648 2014] [auth_basic:error] [pid 2243] [client 79.88.186.207:57578] AH01618: user gorou not found: /duck/gorou_verard/public/admin/bois, referer: http://perso.duckcorp.org/duck/gorou_verard/public/admin/bois/1351
* ld 0x7f74a1b9ea20 Outstanding Requests: * msgid 1, origid 1, status InProgress outstanding referrals 0, parent count 0 ld 0x7f74a1b9ea20 request count 1 (abandoned 0) ** ld 0x7f74a1b9ea20 Response Queue: Empty ld 0x7f74a1b9ea20 response count 0 ldap_chkResponseList ld 0x7f74a1b9ea20 msgid 1 all 0 ldap_chkResponseList returns ld 0x7f74a1b9ea20 NULL ldap_int_select read1msg: ld 0x7f74a1b9ea20 msgid 1 all 0 read1msg: ld 0x7f74a1b9ea20 msgid 1 message type bind read1msg: ld 0x7f74a1b9ea20 0 new referrals read1msg: mark request completed, ld 0x7f74a1b9ea20 msgid 1 request done: ld 0x7f74a1b9ea20 msgid 1 res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 1, msgid 1) ldap_parse_result ldap_msgfree ldap_search_ext put_filter: "(&(objectClass=primaryAccount)(uid=damien))" put_filter: AND put_filter_list "(objectClass=primaryAccount)(uid=damien)" put_filter: "(objectClass=primaryAccount)" put_filter: simple put_simple_filter: "objectClass=primaryAccount" put_filter: "(uid=damien)" put_filter: simple put_simple_filter: "uid=damien" ldap_build_search_req ATTRS: uid mail cn ldap_send_initial_request ldap_send_server_request ldap_result ld 0x7f74a1b9ea20 msgid 2 wait4msg ld 0x7f74a1b9ea20 msgid 2 (timeout 60000000 usec) wait4msg continue ld 0x7f74a1b9ea20 msgid 2 all 1 ** ld 0x7f74a1b9ea20 Connections: * host: localhost port: 389 (default) refcnt: 2 status: Connected last used: Tue Dec 30 02:03:31 2014
** ld 0x7f74a1b9ea20 Outstanding Requests: * msgid 3, origid 3, status InProgress outstanding referrals 0, parent count 0 ld 0x7f74a1b9ea20 request count 1 (abandoned 0) ** ld 0x7f74a1b9ea20 Response Queue: Empty ld 0x7f74a1b9ea20 response count 0 ldap_chkResponseList ld 0x7f74a1b9ea20 msgid 3 all 0 ldap_chkResponseList returns ld 0x7f74a1b9ea20 NULL ldap_int_select read1msg: ld 0x7f74a1b9ea20 msgid 3 all 0 read1msg: ld 0x7f74a1b9ea20 msgid 3 message type bind read1msg: ld 0x7f74a1b9ea20 0 new referrals read1msg: mark request completed, ld 0x7f74a1b9ea20 msgid 3 request done: ld 0x7f74a1b9ea20 msgid 3 res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 3, msgid 3) ldap_parse_result ldap_msgfree ldap_get_values ldap_get_values ldap_get_values ldap_msgfree ldap_search_ext put_filter: "(&(objectClass=baseAccount)(uid=gorou))" put_filter: AND put_filter_list "(objectClass=baseAccount)(uid=gorou)" put_filter: "(objectClass=baseAccount)" put_filter: simple put_simple_filter: "objectClass=baseAccount" put_filter: "(uid=gorou)" put_filter: simple put_simple_filter: "uid=gorou" ldap_build_search_req ATTRS: uid ldap_send_initial_request ldap_send_server_request ldap_result ld 0x7f74a10b37b0 msgid 4 wait4msg ld 0x7f74a10b37b0 msgid 4 (timeout 60000000 usec) wait4msg continue ld 0x7f74a10b37b0 msgid 4 all 1 ** ld 0x7f74a10b37b0 Connections: * host: localhost port: 389 (default) refcnt: 2 status: Connected last used: Tue Dec 30 02:03:59 2014
Updated by Pierre-Louis Bonicoli about 10 years ago
- Status changed from New to Resolved
- Assignee set to Pierre-Louis Bonicoli
- % Done changed from 0 to 100
- Confirmed changed from No to Yes
- Security set to No
LDAPConnectionPoolTTL 60 in /etc/apache2/mods-enabled/ldap.conf is an effective workaround.
Actions:
LDAPLibraryDebug 7removed from/etc/apache2/mods-enabled/ldap.confapacherestarted
Updated by Marc Dequènes about 5 years ago
- Category set to Service :: IS / AAA / PKI
Actions