[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Slapd crashing again, three different reasons?
--On April 30, 2007 9:58:07 AM -0400 Daniel Henninger
<daniel@ncsu.edu> wrote:
Hi folk,
First off, let me say that per our last conversation about this, I
have
not yet rebuild cyrus-sasl/openldap against a different Kerberos
dist.
(I was going to build against 1.5.. right now I'm at 1.2.8.. we
tend to
steer clear of Heimdal) Anyway, on April 28th, at 12:05AM, all
three of
our slave servers' slapds died. All for apparently different
reasons:
Why do you "steer clear" of Heimdal for linking the server
libraries against? In any case, MIT Krb5 1.2 is known to not be
thread safe.
History. In the past when I had tried to use heimdal with something
else it caused a wealth of problems. That may not be the case now,
but I don't really see the point in using multiple implementations of
Kerberos if I can avoid it so I have never gone back to reevaluate. =)
So that's what the problem is with 1.2? Not thread safe? Ok.
That's good to know!
Now, the second one is most likely the "recompile it against a
different Kerberos" issue. However, the last seems to be directly
SSL related and
the first ... I have no idea about the first. We have openldap built
against openssl 0.9.7i.
Never had an issue with OpenSSL like you are seeing.
Hrm. What version are you built against?
Any suggestions? =( I know many of you are running this under
Solaris.
Anyone had any particular problems doing so?
Never saw any.
Hrm. I can't help but think I may have something configured around
at the kernel level (/etc/system) but I don't see anything in
particular that I may have done wrong there. I'll at least try to
narrow down away from the kerberos issues soonish. It's just weird
that all three croaked at the same time. =)
Thanks!
Daniel