On Fri, 19 Sep 2008 14:38:17 +0200, Buchan Milne <bgmilne@(protected):

> On Friday 19 September 2008 09:34:28 J.A. Magallón wrote:
> > On Wed, 18 Jun 2008 20:13:25 +0200, Buchan Milne <bgmilne@(protected)>
> wrote:
> > > On Thursday 12 June 2008 20:22:07 J.A. Magallón wrote:
> > > > Hi all...
> > > >
> > > > I mantain two systems runing cooker, one 32 and other 64 bits.
> > > > Both use the same LDAP server for authentication.
> > >
> > > And config is identical, nscd running or not on both ?
> > >
> > > > After the latest cooker update of ldap, the 64-bit box can not resolve
> > > > the group IDs to group names:
> > > >
> > > > annwn:/etc# id magallon
> > > > uid=3001(magallon) gid=3000(giga) groups=3000(giga),10(wheel)
> > > >
> > > > cicely:/etc# id magallon
> > > > uid=3001(magallon) gid=3000 groups=3000,10(wheel)
> > > >
> > > > When I log in the 64bit box (cicely):
> > > > belly:~> ssh cicely
> > > > id: cannot find name for group ID 3000
> > > > cicely:~>
> > > >
> > > > The setup (/etc/ldap.[conf,secret], nsswitch.conf and so on) is exactly
> > > > the same, and both run the latest cooker updates.
> > > >
> > > > I used strace on 'id' for root, and noted some strange things
> > > > (I have masked the real addresses...):
> > > >
> > > > annwn:
> > > > ...
> > > > getsockname(3, {sa_family=AF_INET, sin_port=htons(51248),
> > > > sin_addr=inet_addr("155.210.xxx.xxx")}, [16]) = 0 getpeername(3,
> > > > {sa_family=AF_INET, sin_port=htons(389),
> > > > sin_addr=inet_addr("155.210.xxx.xxx")}, [16]) = 0 time(NULL)
> > > >                              = 1213283622
> > > > time(NULL)                              = 1213283622
> > > > ...
> > > >
> > > >
> > > > cicely:
> > > > ...
> > > > getsockname(3, {sa_family=AF_INET, sin_port=htons(34165),
> > > > sin_addr=inet_addr("155.210.xxx.xxx")}, [16]) = 0 getpeername(3,
> > > > {sa_family=AF_INET, sin_port=htons(389),
> > > > sin_addr=inet_addr("155.210.xxx.xxx")}, [68719476752]) = 0
> > > > gettimeofday({1213283637, 826073}, NULL) = 0
> > > > gettimeofday({1213283637, 826220}, NULL) = 0
> > > > ...
> > > >
> > > > Rarities:
> > > >
> > > > - why the code calls gettimeofday() in x86-64 and time(0) in x86-32 ?
> > > > - why the parameters are strange in x86-64 ?
> > >
> > > I haven't had a chance to look yet ...
> > >
> > > > That strange value for size is repeated in many calls to getsockname
> > > > and getpeername all along the trace.
> > > >
> > > > Is this a bug in glibc/nss_ldap ?
> > >
> > > None of my machines are up-to-date on cooker. I will try and get my
> > > x86_64 laptop up to cooker this week so I can look at it. Since nothing
> > > major has changed on libldap/nss_ldap, I'm suspecting glibc and/or the
> > > under-linking/over-linking issues ...
> >
> > I finally found the answer (well, really, what makes it happen).
> > The difference is in /etc/ldap.conf:
> >
> > nss_connect_policy persist (it works)
> >
> > vs
> >
> > nss_connect_policy oneshot (it breaks).
> >
> > It breaks both in x86-32 and x86-64. Some part of the code forgets to
> > reopen the connection in oneshot mode.
> >
> > For example, in oneshot:
> >
> > annwn:~> id
> > uid=3001(magallon) gid=3000(giga) groups=10(wheel),3000(giga)
> >
> > but in persistent mode
> >
> > annwn:~> id
> > uid=3001(magallon) gid=3000(giga)
> > groups=10(wheel),3000(giga),3007(giga_m),3009(giga_r)
> >
> > which is the correct answer. This was 386. In x86-64, it just fails to
> > find the name for group 3000. Some data is just garbage, is reading
> > from a closed connection.
> >
> > If someone can reproduce, I can file a bug report upstream.
> > Or that's for the mantainer ?
>
> Can you file upstream and cc me ?
>
> Thanks,
> Buchan
>

BigID is 375:

http://bugzilla.padl.com/show_bug.cgi?id=375



--
J.A. Magallon <jamagallon()ono!com>   \          Software is like sex:
                          \      It's better when it's free
Mandriva Linux release 2009.0 (Cooker) for i586
Linux 2.6.25-jam18 (gcc 4.3.1 20080626 (GCC) #1 SMP