Temporary problems in name resolution when nscd is being used, Too many open files
Issue
- Temporary problems in name resolution when nscd is being used
- RHEL 5.6's nscd is behaving erratically. Running an strace on the process produces:
epoll_wait(10, {{EPOLLRDNORM, {u32=9, u64=9}}}, 100, 29988) = 1
accept(9, 0, NULL) = -1 EMFILE (Too many open files)
epoll_wait(10, {{EPOLLRDNORM, {u32=9, u64=9}}}, 100, 29988) = 1
accept(9, 0, NULL)
- Recently we experience problems to login on some of our machines running RHEL 5.3.
login[]: pam_unix(login:auth): check pass; user unknown
login[]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost=
login[]: FAILED LOGIN 1 FROM (null) FOR root, Authentication failure
- Log entry for a login using SSH:
sshd[16020]: fatal: Privilege separation user sshd does not exist
- Additionally sendmail and crond seem to have problems resolving names.
- Other relevant errors:
ERROR: failed to open PAM security session: Bad file descriptor
error retrieving information about user root
sendmail.*: gethostbyaddr(127.0.0.1) failed:
- The problems are specific to a single system, no DNS / LDAP outage in the data center
- Restarting nscd resolves the issue (if it's possible to log in during the problem)
Environment
- Red Hat Enterprise Linux 5
nscd-2.5-65
ornscd-2.5-34
but likely any nscd version is affectednss_ldap
earlier thannss_ldap-253-21.el5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.