[CentOS] LDAPs causing System Message Bus to hang when there's no network

Thu Apr 28 17:31:21 UTC 2011
Craig White <craigwhite at azapple.com>

On Thu, 2011-04-28 at 09:28 -0700, Paul Heinlein wrote:
> On Thu, 28 Apr 2011, Steve Thompson wrote:
> 
> > This works:
> >
> >   nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus
> 
> We use a slightly longer version:
> 
> nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman
> 
> I suspect, however, that the extra users listed in our setup aren't 
> the cause of the hangups...
----
I use the following to prevent hanging at startup with LDAP.

nss_initgroups_ignoreusers root,ldap,bacula,named
timelimit 30
bind_timelimit 30
bind_policy soft

This is because some daemons start prior to the start of OpenLDAP
service.

Obviously adding haldaemon, dbus, radvd, tomcat, etc. or other 'users'
for daemons that launch prior to your LDAP server application is useful
but those users would have to be listed in /etc/passwd|group to
significantly benefit.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.