Bug 151378

Summary: SUSE10, LDAP and disconnected login.
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Warren Howard <warren>
Component: BasesystemAssignee: Ralf Haferkamp <ralf>
Status: RESOLVED WONTFIX QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: aj, ralf
Version: unspecified   
Target Milestone: ---   
Hardware: i686   
OS: SuSE Linux 10.0   
Whiteboard:
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: /etc/sysconfig/ldap

Description Warren Howard 2006-02-16 04:46:58 UTC 
Hi,

I'm using SUSE 10.0 OSS as client workstations with a central LDAP
server for authentication.  LDAP authentication for the SUSE 10
workstations is configured through YaST -> Network Services -> LDAP
Client.  Where I select "use LDAP", enter the LDAP server address and
enter the LDAP base DN.  If the user has a home directory or if home directories are set to be automatically created through the use of pam_mkhomedir then login to the system works fine for local (/etc/passwd) users and LDAP users.

Trouble starts when I disconnect the network.  The local root superuser
cannot login.  The authentication is successful but the login session
times out after 60 seconds.

Disconnecting the network should not break login for a local (/etc/passwd) user, especially when that user is root.

Thanks,

Warren.
Comment 1 Michael Gross 2006-02-16 12:35:09 UTC 
Please attach /etc/sysconfig/ldap
Comment 2 Warren Howard 2006-02-16 13:07:12 UTC 
Created attachment 68827 [details]
/etc/sysconfig/ldap

As requested file attached.
Comment 3 Michael Gross 2006-02-16 14:43:21 UTC 
Johannes, Ralf
Can you provide a comment here? Whom could we assign this?
Comment 4 Ralf Haferkamp 2006-02-16 15:18:13 UTC 
This might be cause by some problems in the reconnection logic of nss_ldap. It has be fixed in newer nss_ldap Versions (and setting "bind_policy soft" in /etc/ldap.conf).
Comment 5 Ralf Haferkamp 2006-02-16 15:19:19 UTC 
Andreas: should this be fixed for 10.0?
Comment 6 Michael Gross 2006-02-16 15:22:56 UTC 
Ralf: Andreas has probably way to many bug-mails (if you mean AJ) ;) I take him into CC.
Comment 7 Andreas Jaeger 2006-02-16 15:58:10 UTC 
NO, we will not fix this for 10.0.
Comment 8 Ralf Haferkamp 2006-02-16 16:09:13 UTC 
Ok, WONTFIX (for 10.0) then.