Dan Scott
2011-12-15 15:41:47 UTC
Hi,
On my Fedora 15 FreeIPA server, I'm having some problems with
stability. The server appears to 'hang' and stops responding to LDAP
lookups. When I restart the dirsrv service, I get:
Dec 15 09:40:02 ohm kernel: [254566.011404] ns-slapd[28910]: segfault
at 17d ip 00007f00dbc0208c sp 00007fff929b7848 error 4 in
libc-2.14.so[7f00dbb87000+18f000]
and the /var/log/dirsrv/slapd-EXAMPLE-COM/errors contains
[15/Dec/2011:09:47:35 -0500] set_krb5_creds - Could not get initial
credentials for principal [ldap/***@EXAMPLE.COM] in keytab
[WRFILE:/etc/dirsrv/ds.keytab]: -1765328228 (Cannot contact any KDC
for requested realm)
[15/Dec/2011:09:47:35 -0500] slapd_ldap_sasl_interactive_bind - Error:
could not perform interactive bind for id [] mech [GSSAPI]: error -2
(Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified
GSS failure. Minor code may provide more information (Credentials
cache file '/tmp/krb5cc_496' not found))
This is happening very frequently, I'm having to restart the dirsrv
process once an hour, otherwise people start complaining.
I experienced similar problems with FreeIPA 1, when I was using Fedora
14 and earlier, and had to regularly (also once per hour) restart the
dirsrv process. Could this be related?
I also noticed this:
https://bugzilla.redhat.com/show_bug.cgi?id=730387
There are updates in 'updates-testing' which I believe fix the above
issue, but I'm reluctant to install from a testing repo on my
production server, can anyone report any feedback on this?
Can anyone help me out?
Thanks,
Dan
On my Fedora 15 FreeIPA server, I'm having some problems with
stability. The server appears to 'hang' and stops responding to LDAP
lookups. When I restart the dirsrv service, I get:
Dec 15 09:40:02 ohm kernel: [254566.011404] ns-slapd[28910]: segfault
at 17d ip 00007f00dbc0208c sp 00007fff929b7848 error 4 in
libc-2.14.so[7f00dbb87000+18f000]
and the /var/log/dirsrv/slapd-EXAMPLE-COM/errors contains
[15/Dec/2011:09:47:35 -0500] set_krb5_creds - Could not get initial
credentials for principal [ldap/***@EXAMPLE.COM] in keytab
[WRFILE:/etc/dirsrv/ds.keytab]: -1765328228 (Cannot contact any KDC
for requested realm)
[15/Dec/2011:09:47:35 -0500] slapd_ldap_sasl_interactive_bind - Error:
could not perform interactive bind for id [] mech [GSSAPI]: error -2
(Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified
GSS failure. Minor code may provide more information (Credentials
cache file '/tmp/krb5cc_496' not found))
This is happening very frequently, I'm having to restart the dirsrv
process once an hour, otherwise people start complaining.
I experienced similar problems with FreeIPA 1, when I was using Fedora
14 and earlier, and had to regularly (also once per hour) restart the
dirsrv process. Could this be related?
I also noticed this:
https://bugzilla.redhat.com/show_bug.cgi?id=730387
There are updates in 'updates-testing' which I believe fix the above
issue, but I'm reluctant to install from a testing repo on my
production server, can anyone report any feedback on this?
Can anyone help me out?
Thanks,
Dan