ldap and hosts

Nigel Wade nmw at ion.le.ac.uk
Fri Apr 21 15:00:05 UTC 2006


Andrew wrote:
> Hello everyone,
> 
> I have a ldap server running on another distro and I use it for a lot of 
> different things (such as users, passwords, and hosts) and it all works 
> fine on that distro.  I'm also trying to get all of this to work in FC5 
> and so far I have gotten users and passwords to work but the hosts is 
> giving me problems.  If I type getent hosts I see the complete list of 
> hosts as it should be but if I try to ping one of the hosts it just 
> hangs.  If I try to ping the ip address everything works fine.  I should 
> also note that I can't ping domain's either (such as yahoo.com) again it 
> just hangs but if I use a browser I can browse to them.  On another 
> note, when I type getent hosts in the ldap console i can see the query 
> but when I try to ping a single domain I see nothing in the ldap 
> console, not even an attempt.
> 
> Thanks for your time
> -Andrew
> 

It appears that there is something strange going on internally in ping. 
I see exactly the same problem, ping hangs. I've done some additional 
tests. Namely, ssh, telnet and other commands resolve a hostname 
perfectly, but ping is hanging on a futex. This is from strace:

munmap(0x2a9556c000, 4096)              = 0
uname({sys="Linux", node="ion2.ion.le.ac.uk", ...}) = 0
futex(0x2a959b3da0, FUTEX_WAIT, 2, NULLopen("/etc/ldap.conf", O_RDONLY) 
        = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=6231, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) 
= 0x2a9556c000
read(4, "# @(#)$Id: ldap.conf,v 1.24 2001"..., 4096) = 4096
read(4, "one\nnss_base_aliases\tou=Aliases,"..., 4096) = 2135
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0x2a9556c000, 4096)              = 0
open("/etc/ldap.secret", O_RDONLY)      = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=11, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) 
= 0x2a9556c000
read(4, "bindpassword\n\n", 4096)          = 11
close(4)                                = 0
munmap(0x2a9556c000, 4096)              = 0
uname({sys="Linux", node="ion2.ion.le.ac.uk", ...}) = 0
futex(0x2a959b3da0, FUTEX_WAIT, 2, NULL

and that's as far as it gets.

This affects both RHEL AS4 and WS4.

I first encountered this problem in the FC1 SMP kernel. At that time I 
disabled ldap lookup of hosts. IIRC this was solved by removing the low 
latency patch in the SMP kernel, but I never properly verified that. On 
the FC1 server where I removed that patch ping works, but on the RHEL 
AS/WS4 systems I have it does not.

I will try to do some more digging around next week.

-- 
Nigel Wade, System Administrator, Space Plasma Physics Group,
             University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw at ion.le.ac.uk
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555




More information about the fedora-list mailing list