Putting that entry into /etc/ethers and removing it from the LDAP makes
the second lookup work just fine. Therefore my guess is that libnss-ldap
is to blame (maybe not, but I certainly lack the insight to make that call).
I'll be happy to provide any additional information you might need.
Versions of packages libnss-ldap depends on:
ii debconf 1.4.30.11 Debian configuration management sy
ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an
ii libkrb53 1.3.5-1 MIT Kerberos runtime libraries
ii libldap2 2.1.30-3 OpenLDAP libraries
Package: libnss-ldap
Version: 238-1
Severity: normal
I'm starting to migrate /etc/ethers into LDAP. I've added the following entry:
# mosu, ethers, bs.linet- services. de ou=ethers, dc=bs,dc= linet-services, dc=de
dn: cn=mosu,
cn: mosu
macAddress: 00:04:75:AD:B5:8E
objectClass: device
objectClass: ieee802Device
objectClass: top
/etc/nsswitch.conf and /etc/libnss- ldap.conf have been modified to do
lookups via LDAP. And it does indeed work -- at least partially:
0 mbunkus@ ls-bs-si2: ~$ getent ethers mosu ls-bs-si2: ~$ getent ethers 0:4:75:ad:b5:8e ls-bs-si2: ~$
0:4:75:ad:b5:8e mosu
0 mbunkus@
2 mbunkus@
Looking at the traffic with tcpdump/Ethereal reveals that the second lookup
results in the wrong filter being used:
(&(objectclass= ieee802Device) (macAddress= 68:f9:ff: bf:e0:bb) )
Putting that entry into /etc/ethers and removing it from the LDAP makes
the second lookup work just fine. Therefore my guess is that libnss-ldap
is to blame (maybe not, but I certainly lack the insight to make that call).
I'll be happy to provide any additional information you might need.
Thanks,
Mosu
-- System Information: ISO-8859- 15)
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.28
Locale: LANG=C, LC_CTYPE=de_DE@euro (charmap=
Versions of packages libnss-ldap depends on:
ii debconf 1.4.30.11 Debian configuration management sy
ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an
ii libkrb53 1.3.5-1 MIT Kerberos runtime libraries
ii libldap2 2.1.30-3 OpenLDAP libraries
-- debconf information: ldap/dblogin: false ldap/override: true ldapns/ base-dn: ou=accounts, dc=bs,dc= linet-services, dc=de ldapns/ ldap-server: ls-bs-si1. bs.linet- services. de ldap/confperm: false ldapns/ ldap_version: 3 ldap/binddn: cn=proxyuser, dc=example, dc=net ldap/nsswitch:
* libnss-
libnss-
* shared/
* shared/
* libnss-
* shared/
libnss-
* libnss-