Univention Bugzilla – Bug 40371
server_password_change stuck at restarting nscd
Last modified: 2017-09-13 16:35:04 CEST
root@gydwag-opsi:~# ucr search --brief ^version version/erratalevel: 342 version/patchlevel: 2 version/releasename: Walle version/version: 4.0 server/role: memberserver Installed 3rd party applications: opsi4ucs > root@gydwag-opsi:~# ps auxf | grep '[n]scd' > root 9707 0.0 0.0 4188 468 ? S 2015 0:00 \_ /bin/sh /usr/lib/univention-server/server_password_change.d/univention-nscd postchange > root 9708 0.0 0.0 4188 1308 ? S 2015 0:00 \_ /bin/sh /etc/init.d/nscd restart > root 9711 0.0 0.0 10588 768 ? S 2015 0:00 \_ /usr/sbin/nscd --invalidate passwd > root 9895 27.8 4.4 540396 179432 ? Rsl 2015 15211:18 /usr/sbin/nscd Last lines of server_password_change.log on that day: > [...] > run-parts: executing /usr/lib/univention-server/server_password_change.d/univention-libnss-ldap postchange > W: failed to convert the username messagebus to the uid > File: /etc/libnss-ldap.conf > run-parts: executing /usr/lib/univention-server/server_password_change.d/univention-nscd postchange > Restarting Name Service Cache Daemon: nscd Next day: > Starting server password change (Tue Dec 22 01:02:04 CET 2015) > No server password change scheduled for today, terminating without a change
Workaround: Kill the oldest running nscd process (PID 9895 in the example above). "univention-nscd postchange" will then finish successfully.
IMHO we definitely should make /etc/init.d/nscd restart more robust against this. It does nscd --invalidate $table and then stop_nscd. It must not hang in the first steps of this, ever. We should assure that it gets restarted reliably.
2016012621000729 - same customer, other server
Created attachment 8304 [details] Move cache invalidation after daemon restart
There is a Customer ID set so I set the flag "Enterprise Customer affected".
Committed in r81656 - r81657 (advisory r81658).
Ok, works.
<http://errata.software-univention.de/ucs/4.2/161.html>