Ubuntu
libnss-ldap package

wrong id behaviour on a system with LDAP

Bug #191884 reported by Lionel Porcheron
26
Affects Status Importance Assigned to Milestone
coreutils
Unknown
Unknown
libnss-ldap (Ubuntu)
Confirmed
Undecided
Unassigned
Declined for Hardy by Mathias Gug

Bug Description

Binary package hint: coreutils

Using LDAP on a hardy system results in a quite strange behaviour of id:
# id root
uid=0(root) gid=0(root)id: failed to get groups for user `root': No such file or directory

A "normal" user does only show his main group:
# id lionel
uid=1000(lionel) gid=1000(alveonet) groups=1000(alveonet)
# ldapsearch -xLLL memberUid=lionel cn | grep dn
dn: cn=alveonet,ou=groups,XXXX
dn: cn=alveonet-sysadmin,ou=groups,XXXX
dn: cn=hive-dev,ou=groups,XXXX
dn: cn=ain7-dev,ou=groups,XXXX

There is a post on the bugs-coreutils ML which seems relative to this:
http://thread.gmane.org/gmane.comp.gnu.coreutils.bugs/12375

Revision history for this message
thowie (thomas-wiese) wrote :

i had this bug too
is there a workaround???
Because my Cyrus setup won't work on Hardy... ;(
Thanks...

Revision history for this message
Martin Emrich (emme) wrote :

Same here on a upgraded to hardy, cited from the duplicate #200454 :

"This problem prevents most of local daemons (avahi, dbus, etc.) from start!
Workaround: disable ldap for groups in /etc/nsswitch.conf, so that users are resolved both from files and ldap while groups only from files."

Changed in coreutils:
status: New → Confirmed
Revision history for this message
Patrick McLean (patrick-cim) wrote :

I am hitting this bug as well, removing ldap from group in nsswitch isn't much of a solution, you are basically disabling getting groups through LDAP.

Revision history for this message
Patrick McLean (patrick-cim) wrote :

From http://savannah.gnu.org/bugs/?22505, this is a bug in libnss-ldap, not in coreutils. Manually installing libnss-ldap version 260 fixes the problem for me, so simply updating the package to 260 in hardy should fix the problem.

Revision history for this message
Matt Ezell (mezell1) wrote :

I cannot get ldap authentication to work in Hardy with this bug (using just Ubuntu packages). This needs to be fixed before Hardy's release- I would consider this a critical bug.

Would the maintainer look into upgrading libnss-ldap ?

Revision history for this message
Matt Ezell (mezell1) wrote :

As a workaround for other experiencing the problem, here are the steps to upgrade libnss-ldap on your own:
sudo apt-get install build-essential libldap2-dev
wget http://www.padl.com/download/nss_ldap.tgz
tar -zxvf nss_ldap.tgz
cd nss_ldap-260
./configure
./make
sudo make install

Revision history for this message
Matt Ezell (mezell1) wrote :

coreutils (6.10-3) and the ubuntu patches (6.10-3ubuntu2), seem to make the issue go away.

Although I would still recommend Ubuntu sync libnss-ldap with upstream, this is not a critical bug anymore.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.