Web lists-archives.com

Re: Open socket not connected to any real process

David Parker <dparker@xxxxxxxxx> wrote:

> Well, crap.  It turns out this isn't a problem.  PAM is configured for
> LDAP authentication and so it opens a connection each time I log in,
> owned by my sshd process, even though it's not using LDAP
> authentication for root.  And the other LDAP queries I'm seeing are
> being sent when users authenticate via sendmail.  Case closed!

This is why you use libpam-ldapd (instead of libpam-ldap) in combination
with libnss-ldapd (instead of libnss-ldap).

Its design with a separate daemon (nslcd) doing the actual LDAP
connection is far superior compared to the original lib*-ldap code.

It also means that libldap itself is only mapped into the central
server process and not into every process on the system. 


Sigmentation fault. Core dumped.