From nobody@FreeBSD.org  Tue Dec 22 11:33:24 2009
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3F277106568D
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 22 Dec 2009 11:33:24 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 2E5BD8FC15
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 22 Dec 2009 11:33:24 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id nBMBXNBa086050
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 22 Dec 2009 11:33:23 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id nBMBXNQN086049;
	Tue, 22 Dec 2009 11:33:23 GMT
	(envelope-from nobody)
Message-Id: <200912221133.nBMBXNQN086049@www.freebsd.org>
Date: Tue, 22 Dec 2009 11:33:23 GMT
From: Filip Palian <admin@expro.pl>
To: freebsd-gnats-submit@FreeBSD.org
Subject: The slapd server starts/restarts way too long - chckien and egg problem
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         141890
>Category:       bin
>Synopsis:       [patch] slapd(8): The slapd server starts/restarts way too long - chicken and egg problem
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Dec 22 11:40:08 UTC 2009
>Closed-Date:    
>Last-Modified:  Mon Mar 22 23:02:06 UTC 2010
>Originator:     Filip Palian
>Release:        8.0-RELEASE
>Organization:
Expro Sp. z o.o.
>Environment:
reeBSD <hostname> 8.0-RELEASE FreeBSD 8.0-RELEASE #2: Tue Dec  1 13:43:39 CET 2009     root@<hostname>:/usr/obj/usr/src/sys/<hostname>  amd64
>Description:
The slapd server (and other services) on system boot or on restart takes
ages to run, because it waits to query itself. This situation takes place
when the system uses pam_ldap, nss_ldap and when nsswitch.conf is
configured to query LDAP database.
>How-To-Repeat:
1) install and configure OpenLDAP server, pam_ldap and nss_ldap
2) reboot your system
>Fix:
Dirty fix for this problem is to apply the attached patch on
"/usr/local/etc/rc.d/slapd". To make this work you also need to create
"nsswitch.conf.ldap" and "nsswitch.conf.noldap" in "/etc" directory
with the following content:

nsswitch.conf.ldap:
 group: files ldap
 group_compat: nis
 hosts:	files dns
 networks: files
 passwd: files ldap
 passwd_compat: nis
 shells: files
 services: compat
 services_compat: nis
 protocols: files
 rpc: files

nsswitch.conf.noldap:
 group: files
 group_compat: nis
 hosts:	files dns
 networks: files
 passwd: files
 passwd_compat: nis
 shells: files
 services: compat
 services_compat: nis
 protocols: files
 rpc: files


Credits goes to Eric Masson (http://markmail.org/message/ecc6orwz43bkk5ib).

Patch attached with submission follows:

--- slapd.bak	2009-12-02 13:59:32.000000000 +0100
+++ slapd	2009-12-18 15:40:51.000000000 +0100
@@ -110,6 +110,8 @@ start_precmd()
     fi
     ;;
   esac
+
+  cp /etc/nsswitch.conf.noldap /etc/nsswitch.conf
 }
 
 # adjust ownership of created unix sockets
@@ -136,6 +138,8 @@ start_postcmd()
       warn "slapd: Can't find socket $socket"
     fi
   done
+
+  cp /etc/nsswitch.conf.ldap /etc/nsswitch.conf
 }
 
 run_rc_command "$1"


>Release-Note:
>Audit-Trail:
>Unformatted:
