[Pkg-utopia-maintainers] Bug#379164: Dbus and ldap

Mon Sep 11 20:33:59 UTC 2006

On Mon, Sep 11, 2006 at 12:01:12AM +0200, Anthony Prades wrote:
> > Try moving the startup sequence for dbus from S20 to S21 and make sure 
> > that nscd is installed and starting at S20 (should be its default).
> >
> > -- 
> > Jamin W. Collins
> 
> dbus version 0.92-2
> nscd version 2.3.6.ds1-4
> libnss-ldap version 251-5.1
> 
> Hi,
> 
>     I've done that and dbus work fine.
> 
>     I use LDAP over SSL, so I'll do what is suggested by sjoerd at spring.luon.net.
> I'll inform you as soon as possible.
> 
> Anthony

Well, I've done some tests.

dbus version 0.92-2
nscd version 2.3.6.ds1-4
libnss-ldap version 251-5.1

By defaults :
 - libnss-ldap use LDAPs ;
 - /etc/libnss-ldap.conf have the rights : 600 ;
 - nscd was installed ;

In this case, when 'dbus' use the S20 startup sequence, 'dbus' failed on 'hald' startup
during the execution of :
/etc/dbus-1/event.d/20hal

If 'dbus' use the S21 startup sequence, all works fine.

For the test I configure dbus on S20 startup sequence :
  $ update-rc.d -f dbus remove
  $ update-rc.d dbus start 20 2 3 4 5 . stop 20 0 1 6 .

I remove 'nscd' with the command :
  $ apt-get remove --purge nscd
  $ rm -rf /var/db/nscd
and change the 'libnss-ldap.conf' rights to '644'.

After reboot, 'hald' fail to start.
But it's also impossible to loggin... The authentication is ok, the
'pam_motd.so' is used (I can see the message) , but
the session close (during libnss-ldap ?)... Idem from 'gdm'.

In recovery mode, when I execute the command :
  $ id user
I get the good informations from LDAP with LDAPs (??).
But '/etc/init.d/dbus start' failed on 'hald' startup...

I modify the libnss-ldap configuration to use LDAP request.
In '/etc/libnss-ldap.conf', I change the line from :
uri ldaps://ldapserver.domain.local/
to :
uri ldap://ldapserver.domain.local/

After reboot all is ok :
  - I can loggin. YES!
  - 'dbus' and 'hald' start.

I've tried after reinstalling 'nscd' :
  $ apt-get install nscd
and set the rights of '/etc/libnss-ldap.conf' to 600.
'nscd' use the S20 startup sequence.
After reboot, all works too.

As soon as I use LDAPs request, I must change the 'dbus' startup
sequence from S20, to S21.
And 'nscd' is needed, else I can't loggin...

In short :
    - Without 'nscd' :
        - with LDAP request : OK ;
        - with LDAPs request : Not OK (and loggin fail) ;
                               in recovery mode, 'id' works and 'hald' fails...
    - With 'nscd' :
        - with LDAP request : OK ;
        - with LDAPs request : Not OK if the 'dbus' startup sequence is S20 ;
                               Ok if the 'dbus' startup sequence is S21.

In the 2 cases, with or without, 'nscd' is not started when 'dbus' start and fail :
  - without 'nscd' : libnss-ldap contact LDAP server directly ;
  - with 'nscd' : when 'dbus' and 'nscd' use the S20 startup sequence, 'dbus' start first,
    so it's like without nscd ;

I'm not sure if it's or not a 'dbus' bug, but it seems that libnss-ldap
is not "white as the driven snow"... :)

Anthony