Bernhard Gschaider
2008-Jun-24 19:34 UTC
[CentOS] udevd can't reach LDAP-server during boot
Hi! I'm using CentOS 5.1 (x86_64) machines which authenticate using LDAP. At the start of booting I get messages like this: udevd[1158]: nss_ldap: failed to bind to LDAP server ldaps://ldap.server.example.com/: Can't contact LDAP server udevd[1158]: nss_ldap: reconnecting to LDAP server... udevd[1158]: nss_ldap: could not connect to any LDAP server as (null) - Can't contact LDAP server udevd[1158]: nss_ldap: failed to bind to LDAP server ldaps://ldap.server.example.com/: Can't contact LDAP server udevd[1158]: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)... This escaletes to 2, 4, 8, 16, 32, 64 seconds. After that (==timeouting for 2 minutes) booting continues without problem, so this is not really a showstopper, but inconvenient. Googling around revealed some fixes for Debian/Ubuntu. The bottom line i that udevd needs some user/group that is not in the local files but on the LDAP-server. The fix usually was adding this user (nvram, scanner ...) or group locally. The problem is, that on these systems after the last attempt something like udevd[1158]: lookup_group: error resolving group 'rdma': Illegal seek is printed out, makeing it easy to find the right group/user. Is there a way to get CentOS to a similar behaviour, making it easier to find the culprit? Bernhard
Bernhard Gschaider wrote:> Hi! > > I'm using CentOS 5.1 (x86_64) machines which authenticate using > LDAP. At the start of booting I get messages like this: > > udevd[1158]: nss_ldap: failed to bind to LDAP server ldaps://ldap.server.example.com/: Can't contact LDAP server > udevd[1158]: nss_ldap: reconnecting to LDAP server... > udevd[1158]: nss_ldap: could not connect to any LDAP server as (null) - Can't contact LDAP server > udevd[1158]: nss_ldap: failed to bind to LDAP server ldaps://ldap.server.example.com/: Can't contact LDAP server > udevd[1158]: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)... > > This escaletes to 2, 4, 8, 16, 32, 64 seconds. After that > (==timeouting for 2 minutes) booting continues without problem, so > this is not really a showstopper, but inconvenient. > > Googling around revealed some fixes for Debian/Ubuntu. The bottom line > i that udevd needs some user/group that is not in the local files but > on the LDAP-server. The fix usually was adding this user (nvram, > scanner ...) or group locally. The problem is, that on these systems > after the last attempt something like > > udevd[1158]: lookup_group: error resolving group 'rdma': Illegal seek > > is printed out, makeing it easy to find the right group/user. Is there > a way to get CentOS to a similar behaviour, making it easier to find > the culprit? >There is a BUG with nss_ldap: https://bugzilla.redhat.com/show_bug.cgi?id=448014 We have this bug listed in our release notes: http://wiki.centos.org/Manuals/ReleaseNotes/CentOS5.2#head-447967c60eb305ef2c5dbbc3f4e8b3c4c5170632 You can try the nss_ldap from our testing repo for this bug: http://dev.centos.org/centos/5/ This may help with the problem. Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080624/eb57c26a/attachment-0002.sig>
Meenoo Shivdasani
2008-Jun-24 19:51 UTC
[CentOS] udevd can't reach LDAP-server during boot
On Tue, Jun 24, 2008 at 3:44 PM, Johnny Hughes <johnny at centos.org> wrote:> There is a BUG with nss_ldap: > > https://bugzilla.redhat.com/show_bug.cgi?id=448014 > > We have this bug listed in our release notes: > > http://wiki.centos.org/Manuals/ReleaseNotes/CentOS5.2#head-447967c60eb305ef2c5dbbc3f4e8b3c4c5170632 > > You can try the nss_ldap from our testing repo for this bug: > > http://dev.centos.org/centos/5/ > > This may help with the problem.FWIW, my experience with a variant of this problem and nss_ldap from the testing repo was that boot would hang indefinitely at udevd unless I limited the nss_reconnect_* values. I ended up changing to bind_policy soft as a workaround. M
Reasonably Related Threads
- Re: [PATCH v2 1/7] appliance: Print location of udevd.
- [PATCH v2 1/7] appliance: Print location of udevd.
- Message udevd[374]: timeout: killing '/sbin/modprobe -b dans syslog
- Unable to start container after OS upgrade
- Problem making usbhid-ups working on Centos 5.7