Problems with gconfd and orbit + LDAP / SSL/TLS and temporary files in /tmp

Erling Ringen Elvsrud systemansvarlig at vagaungdomsskule.no
Tue Aug 8 10:28:01 UTC 2006


Setup:

Server: Debian Stable with OpenLDAP 2.2.23
Client: Ubuntu Dapper.

I can successfully log in on the Dapper workstation.
getent passwd and getent group return all users and groups
in /etc/password /etc/group as well as the users in the directory. 

When SSL is disabled everything works well. If I enable SSL/TLS (in
slapd.conf on the server) as well
as /etc/pam_ldap.conf, /etc/ldap/ldap.conf and /etc/libnss_ldap.conf
with ssl start_tls and TLS_CACERT /etc/ssl/certs/cacert.pem, only one
(the first) user can log in successfully.

It seems like orbit and gconf have problems getting information about
users and groups because the orbit-<username> and gconfd-<username>
directories in /tmp are called orbit-somebody and gconfd-somebody
instead. This becomes a problem when the first user logs out and the
second tries to log in as those directories are owned by the first
user. 

I can successfully use ldapsearch with the -ZZ (must use SSL/TLS) flag
from a different workstation.

Do I have to do anything special to use LDAP over SSL/TLS in order to
make this work?


Erling
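
A check for the symptom described in the message above, added here as an example and not part of the original post: it lists the orbit-* and gconfd-* directories in /tmp and flags any whose name suffix differs from the name NSS returns for the directory owner's uid, or whose owner uid cannot be resolved at all. The function name audit_session_dirs, the verdict strings and the demo directory tree are constructed for this example.

```python
import os
import pwd
import tempfile

PREFIXES = ("orbit-", "gconfd-")  # per-user session directories named in the post


def audit_session_dirs(tmp="/tmp", resolve=None):
    """Return (entry, owner_uid, owner_name, verdict) for each session directory."""
    if resolve is None:
        def resolve(uid):
            # Uses the same NSS path (files, ldap, ...) as getent passwd
            try:
                return pwd.getpwuid(uid).pw_name
            except KeyError:
                return None
    findings = []
    for entry in sorted(os.listdir(tmp)):
        prefix = next((p for p in PREFIXES if entry.startswith(p)), None)
        path = os.path.join(tmp, entry)
        # Ignore unrelated names, plain files and symlinks
        if prefix is None or os.path.islink(path) or not os.path.isdir(path):
            continue
        uid = os.lstat(path).st_uid
        owner = resolve(uid)
        if owner is None:
            verdict = "owner-unresolvable"   # NSS lookup failed for this uid
        elif owner != entry[len(prefix):]:
            verdict = "name-mismatch"        # e.g. orbit-somebody owned by a real user
        else:
            verdict = "ok"
        findings.append((entry, uid, owner, verdict))
    return findings


def demo():
    """Run the audit over a constructed directory tree (not real session data)."""
    with tempfile.TemporaryDirectory() as tmp:
        for name in ("orbit-somebody", "gconfd-somebody", "orbit-alice", "unrelated"):
            os.mkdir(os.path.join(tmp, name))
        me = os.getuid()
        # Hypothetical resolver: pretend the current uid belongs to user "alice"
        return audit_session_dirs(tmp, resolve=lambda uid: "alice" if uid == me else None)


if __name__ == "__main__":
    for row in audit_session_dirs():
        print(*row, sep="\t")
```

Running it on the client once with TLS disabled and once with TLS enabled shows whether the directory names and the NSS owner lookup diverge only in the TLS case.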









