Re: [webmin-l] LDAP Users and Groups - Problem adding new users

[Jamie C. <jca...@we...>]

On 24/Nov/2005 16:31 Murray Trainer wrote ..
> On Wed, 2005-11-23 at 20:04, Murray Trainer wrote:
> > On Wed, 2005-11-23 at 19:06, Jamie Cameron wrote:
> > > On 23/Nov/2005 20:18 Murray Trainer wrote ..
> > > > Hi Jamie,
> > > > 
> > > > The module itself works fine when I add a new LDAP user but the script
> > > > it runs to configure the new user's Linux account after the user
> is
> > > > created, broke a few days ago.  I am not aware of anything being
> changed
> > > > so I'm not sure what caused this problem.  The shell script does
> an "su
> > > > - $USERADMIN_USER" to become the new user to run gconftool2 and other
> > > > things.  For some reason I started getting an error that the new
> user
> > > > I'm su'ing doesn't exist.  It appears to be something to do with
> the
> > > > name service cache daemon nscd.  I have hacked my script to restart
> nscd
> > > > from my script before I su to the new user - that fixes the problem
> for
> > > > now.  As a proper fix, shouldn't the webmin LDAP Users module do
> a flush
> > > > of the NSCD cache whenever it adds or removes users to make sure
> > > > everything is immediately in sync?
> > > 
> > > Actually, this should already happen.. If there is an nscd process
> running,
> > > it gets signalled to reload the cache with a HUP signal after a user
> is created.
> > > What command are you using to restart nscd?
> > 
> > I am still using Webmin 1.180 if that is a problem.  I will upgrade it
> > to the latest version is official.  I am using SuSE 9.1 and I am doing
> > an "/etc/rc.d/nscd" restart to work around the problem.  According to
> > that script SIGHUP doesn't work with nscd (not sure if that is only on
> > SuSE 9.1 or elsewhere):
> > 
> >     reload)
> >         # nscd does not support SIGHUP, so fail.
> >         echo -n "Reload Name Service Cache Daemon"
> >         rc_failed 3
> >         rc_status -v
> >         ;;
> > 
> > According to the above the LDAP Users module has probably never reloaded
> > the cache on SuSE 9.1.  
> > 
> > Murray
> Hi jamie,
> 
> Maybe a fix for this is to do an LDAP search for the newly
> created/deleted user immediately after they are created/deleted - would
> that update the cache that nscd uses as to whether the user actually
> exists or not?

Actually, the correct behaviour is for Webmin to run /etc/rc.d/nscd restart instead
of just sending a HUP signal. I will do this in the next release ..

Just querying the LDAP DB won't help, as the caching is not done by the LDAP server,
but rather by the separate nscd process.

 - Jamie