Definitely run nscd or similar to avoid the nasties (I know nscd itself can be icky but i'll have that pain over applications breaking just because of NSS library loading)… I've had SSL library fun with NSS for the same reasons utter nightmare to spot in the debug when the two libs were almost binary compatible. On 14 May 2013, at 08:21, Phil Mayers <p.mayers@imperial.ac.uk> wrote:
On 05/13/2013 08:03 PM, Edgar Fuß wrote:
registered a pthread_atfork handler, which intended to call ldap_drop_conenction() from libldap, but, because of PLT load-time-linking, in fact ended up calling ldap_drop_connection() from libldap_r. Boom (inside fork()).
Oh yuck...
NSS really is a disaster - "dynload in arbitrary linked-libraries every time I lookup a uid->user mapping, why sure!".
You might find that running nscd helps, as it'll confine nss_ldap to the nscd process. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html