On Sat, 2006-05-06 at 10:49 -0400, Oliver Schulze L. wrote:
Hi Timo, about bug #: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154315
That patch adds a warning message, but it does not handle the error. The problem I have seen is that once a "BROKEN NSS IMPLEMENTATION" is detected, dovecot can not handle any login anymore. So, the only solution is to manually restart dovecot.
I don't really see how that can happen. When Dovecot gives that error message, it kills the dovecot-auth process completely and it gets restarted.
If you manually restart Dovecot it does pretty much the same thing except it also restarts dovecot master process, but I don't see how that would affect this at all.
It would be nice to have dovecot handle the error and return an error or something, so that other users still can login. The affected user should see an error like: "try again later" or :bad password".
If restarting the whole dovecot-auth process doesn't fix it, then I don't see how it could even be fixed any better.
I guess one possibility would be to just try the getpwnam() again if the first time returns a failure, but I don't know if that works.
In any case I don't really even want to try to work around this. Better would be to just get it really fixed where the bug is, or just not use nss_ldap at all.