Suspected nscd bug on CentOS 5.10 x86_64
Suspected nscd bug on CentOS 5.10 x86_64
Hi all,
I have an VMware-based CentOS 5.10 x86-64 server, which integrated with Windows Server 2012 Active-Directory.
I have installed this servers for 2 months, and ldap fine. However, all of a sudden, I cannot login using my ldap account.
When I change root (su) as my ldap account, the server shows the following error:
[root@CentOS5_10~]# su - jeanitsuyou
su: user jeanitsuyou does not exist
However, I can retrieve my information using "getent passwd"
[root@CentOS5_10~]# getent passwd| grep jeanitsuyou
jeanitsuyou:*:66660:10:ITSUYOU, Jean:/home/jean:/bin/bash
Therefore, I suspected that there is a bug on the latest version of nscd deamon (nscd-2.5-123.el5_11.1). However, when I use "service" command to check the status of nscd daemon, it show that this deamon is normal:
[root@CentOS5_10~]# service nscd status
nscd (pid 3670) is running...
However, in the check the nscd status, it was shown as the follows:
[root@CentOS5_10~]# ps aux| grep nscd
nscd 3670 0.0 0.2 178100 2512 ? Ssl Feb09 0:19 /usr/sbin/nscd
root 4158 0.0 0.0 61208 612 pts/0 R+ 14:33 0:00 grep nscd
Is the programme status of nscd daemon "Ssl" normal? Also, it seems that the deamon use too much memory.
Is it memory leakage?
Here is my nscd.conf for all of you as a reference:
(I only enable the cache function on nscd for "passwd" and "group")
# /etc/nscd.conf
# logfile /var/log/nscd.log
# threads 3
# max-threads 128
server-user nscd
# stat-user nocpulse
debug-level 3
# reload-count 5
paranoia no
# restart-interval 3600
enable-cache passwd yes
positive-time-to-live passwd 600
negative-time-to-live passwd 20
suggested-size passwd 211
check-files passwd yes
# persistent passwd yes
persistent passwd no
shared passwd yes
max-db-size passwd 33554432
auto-propagate passwd yes
enable-cache group yes
positive-time-to-live group 3600
negative-time-to-live group 60
suggested-size group 211
check-files group yes
# persistent group yes
persistent group no
shared group yes
max-db-size group 33554432
auto-propagate group yes
enable-cache hosts no
positive-time-to-live hosts 3600
negative-time-to-live hosts 20
suggested-size hosts 211
check-files hosts yes
# persistent hosts yes
persistent hosts no
shared hosts yes
max-db-size hosts 33554432
I have an VMware-based CentOS 5.10 x86-64 server, which integrated with Windows Server 2012 Active-Directory.
I have installed this servers for 2 months, and ldap fine. However, all of a sudden, I cannot login using my ldap account.
When I change root (su) as my ldap account, the server shows the following error:
[root@CentOS5_10~]# su - jeanitsuyou
su: user jeanitsuyou does not exist
However, I can retrieve my information using "getent passwd"
[root@CentOS5_10~]# getent passwd| grep jeanitsuyou
jeanitsuyou:*:66660:10:ITSUYOU, Jean:/home/jean:/bin/bash
Therefore, I suspected that there is a bug on the latest version of nscd deamon (nscd-2.5-123.el5_11.1). However, when I use "service" command to check the status of nscd daemon, it show that this deamon is normal:
[root@CentOS5_10~]# service nscd status
nscd (pid 3670) is running...
However, in the check the nscd status, it was shown as the follows:
[root@CentOS5_10~]# ps aux| grep nscd
nscd 3670 0.0 0.2 178100 2512 ? Ssl Feb09 0:19 /usr/sbin/nscd
root 4158 0.0 0.0 61208 612 pts/0 R+ 14:33 0:00 grep nscd
Is the programme status of nscd daemon "Ssl" normal? Also, it seems that the deamon use too much memory.
Is it memory leakage?
Here is my nscd.conf for all of you as a reference:
(I only enable the cache function on nscd for "passwd" and "group")
# /etc/nscd.conf
# logfile /var/log/nscd.log
# threads 3
# max-threads 128
server-user nscd
# stat-user nocpulse
debug-level 3
# reload-count 5
paranoia no
# restart-interval 3600
enable-cache passwd yes
positive-time-to-live passwd 600
negative-time-to-live passwd 20
suggested-size passwd 211
check-files passwd yes
# persistent passwd yes
persistent passwd no
shared passwd yes
max-db-size passwd 33554432
auto-propagate passwd yes
enable-cache group yes
positive-time-to-live group 3600
negative-time-to-live group 60
suggested-size group 211
check-files group yes
# persistent group yes
persistent group no
shared group yes
max-db-size group 33554432
auto-propagate group yes
enable-cache hosts no
positive-time-to-live hosts 3600
negative-time-to-live hosts 20
suggested-size hosts 211
check-files hosts yes
# persistent hosts yes
persistent hosts no
shared hosts yes
max-db-size hosts 33554432
- AlanBartlett
- Forum Moderator
- Posts: 9345
- Joined: 2007/10/22 11:30:09
- Location: ~/Earth/UK/England/Suffolk
- Contact:
Re: Suspected nscd bug on CentOS 5.10 x86_64
Your first step should be to update that system to the currently supported version, which is CentOS 5.11.
Then check / test again.
Then check / test again.
100% Linux and, previously, Unix. Co-founder of the ELRepo Project.
Re: Suspected nscd bug on CentOS 5.10 x86_64
I think it should be be related to the version of CentOS 5.10 and 5.11 because nscd has not been updated / upgraded in 5.11 since 5.10.
Whatever I use 5.10 and 5.11, nscd is the same. (nscd-2.5-123.el5_11.1 (x86_64))
Whatever I use 5.10 and 5.11, nscd is the same. (nscd-2.5-123.el5_11.1 (x86_64))
Re: Suspected nscd bug on CentOS 5.10 x86_64
When I observe the /proc of the nscd programme (/proc/3670/), I found that there is something called "deleted" in fd:
[root@CentOS5_10 fd]# ls -l /proc/3670/fd
total 0
lrwx------ 1 root root 64 Feb 17 10:39 0 -> /dev/null
lrwx------ 1 root root 64 Feb 17 10:39 1 -> /dev/null
lr-x------ 1 root root 64 Feb 17 10:39 10 -> /var/run/nscd/dbGmXZad (deleted)
lrwx------ 1 root root 64 Feb 17 10:39 11 -> socket:[14029]
lr-x------ 1 root root 64 Feb 17 10:39 12 -> eventpoll:[14031]
lrwx------ 1 root root 64 Feb 17 10:39 2 -> /dev/null
lrwx------ 1 root root 64 Feb 17 10:39 3 -> socket:[13857]
lrwx------ 1 root root 64 Feb 17 10:39 4 -> socket:[13863]
lrwx------ 1 root root 64 Feb 17 10:39 5 -> socket:[13874]
lrwx------ 1 root root 64 Feb 17 10:39 7 -> /var/run/nscd/dbyxyL5M (deleted)
lr-x------ 1 root root 64 Feb 17 10:39 8 -> /var/run/nscd/dbyxyL5M (deleted)
lrwx------ 1 root root 64 Feb 17 10:39 9 -> /var/run/nscd/dbGmXZad (deleted)
Is it normal?
[root@CentOS5_10 fd]# ls -l /proc/3670/fd
total 0
lrwx------ 1 root root 64 Feb 17 10:39 0 -> /dev/null
lrwx------ 1 root root 64 Feb 17 10:39 1 -> /dev/null
lr-x------ 1 root root 64 Feb 17 10:39 10 -> /var/run/nscd/dbGmXZad (deleted)
lrwx------ 1 root root 64 Feb 17 10:39 11 -> socket:[14029]
lr-x------ 1 root root 64 Feb 17 10:39 12 -> eventpoll:[14031]
lrwx------ 1 root root 64 Feb 17 10:39 2 -> /dev/null
lrwx------ 1 root root 64 Feb 17 10:39 3 -> socket:[13857]
lrwx------ 1 root root 64 Feb 17 10:39 4 -> socket:[13863]
lrwx------ 1 root root 64 Feb 17 10:39 5 -> socket:[13874]
lrwx------ 1 root root 64 Feb 17 10:39 7 -> /var/run/nscd/dbyxyL5M (deleted)
lr-x------ 1 root root 64 Feb 17 10:39 8 -> /var/run/nscd/dbyxyL5M (deleted)
lrwx------ 1 root root 64 Feb 17 10:39 9 -> /var/run/nscd/dbGmXZad (deleted)
Is it normal?
Re: Suspected nscd bug on CentOS 5.10 x86_64
After searching over the Internet, I found that some people may meet other problem in other Linux distribution :
As stated some time ago, I had the problem that users vanished after some time.
As I get a lot of e-mails regarding this problem, I therefore documentate here the details I've found out so far:
Ncsd works unreliable
Yes, indeed, switching off nscd removes the problem.
But there are more problems I experienced with nscd:
Sometimes it consumes 100% cpu (and does not stop that until being killed)
Sometimes it just crashes.
Sometimes it causes users to "vanish" (the original problem)
Sometimes it hangs and thus slows down the whole system
http://www.nico.schottelius.org/blog/nscd-bugs/
Is there anybody fixing this issue?
As stated some time ago, I had the problem that users vanished after some time.
As I get a lot of e-mails regarding this problem, I therefore documentate here the details I've found out so far:
Ncsd works unreliable
Yes, indeed, switching off nscd removes the problem.
But there are more problems I experienced with nscd:
Sometimes it consumes 100% cpu (and does not stop that until being killed)
Sometimes it just crashes.
Sometimes it causes users to "vanish" (the original problem)
Sometimes it hangs and thus slows down the whole system
http://www.nico.schottelius.org/blog/nscd-bugs/
Is there anybody fixing this issue?
Re: Suspected nscd bug on CentOS 5.10 x86_64
It's been fixed in later versions by removing nscd!
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
- AlanBartlett
- Forum Moderator
- Posts: 9345
- Joined: 2007/10/22 11:30:09
- Location: ~/Earth/UK/England/Suffolk
- Contact:
Re: Suspected nscd bug on CentOS 5.10 x86_64
No. Usage of CentOS 5.10 is deprecated. The only supported version of the CentOS 5 branch is CentOS 5.11jeanng wrote:Is there anybody fixing this issue?
If you refuse to update to the supported version, then you have all the problems.
100% Linux and, previously, Unix. Co-founder of the ELRepo Project.
Re: Suspected nscd bug on CentOS 5.10 x86_64
http://wiki.centos.org/Manuals/ReleaseN ... 368354b106
According to the release note of 5.11, nscd has not been changed in 5.10. That is, no evidence showing that upgrading CentOS can fix the problem. (Using 5.10 and 5.11 are the same)
Additionally, I choose to use CentOS because I believe that CentOS can provide a very stable OS environment. However, I am very disappointed if it always change the kernel version, even more frequency than Fedora and Ubuntu! Don't you think that upgrading kernel so frequency lead to decrease in stability???
I will never upgrade the OS AND LINUX KERNEL UNLESS nscd daemon problem is related to the kernel version. What I need is EXTREME STABILITY!!!
By the way, Does anybody has idea how to collect information for tracing nscd bugs??? Some people told me that this problem happened on all Linux distribution, but not just only CentOS / RHEL.
According to the release note of 5.11, nscd has not been changed in 5.10. That is, no evidence showing that upgrading CentOS can fix the problem. (Using 5.10 and 5.11 are the same)
Additionally, I choose to use CentOS because I believe that CentOS can provide a very stable OS environment. However, I am very disappointed if it always change the kernel version, even more frequency than Fedora and Ubuntu! Don't you think that upgrading kernel so frequency lead to decrease in stability???
I will never upgrade the OS AND LINUX KERNEL UNLESS nscd daemon problem is related to the kernel version. What I need is EXTREME STABILITY!!!
By the way, Does anybody has idea how to collect information for tracing nscd bugs??? Some people told me that this problem happened on all Linux distribution, but not just only CentOS / RHEL.
Re: Suspected nscd bug on CentOS 5.10 x86_64
And with that comment you probably have most of the people here that are willing to help you tune outjeanng wrote:I will never upgrade the OS AND LINUX KERNEL UNLESS nscd daemon problem is related to the kernel version.
Re: Suspected nscd bug on CentOS 5.10 x86_64
You should read the list of bugs that have been fixed on https://rhn.redhat.com/errata/rhel-server-errata.html before you make such silly statements as "I will never upgrade the OS AND LINUX KERNEL UNLESS nscd daemon problem is related to the kernel version. What I need is EXTREME STABILITY!!!". CentOS is not Ubuntu, the whole aim of the distro is stability and the only changes made are to fix bugs, usually security ones.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke