[Fusionforge-general] NSS

Evert Lammerts Evert.Lammerts at sara.nl
Mon Jan 4 13:38:11 CET 2010


Hi all,

After my holidays I'm back to trying to get nss to work with Postgres. I apologize for my last message - the attached nss-pgsql.conf (also attached here) was the one I'm using, but the output of "$ strace getent group siteadmin" was not right, since I hadn't set $LD_LIBRARY_PATH right.

Find attached the output again, this time showing it cannot connect to the database. The relevant part, I think, is:

open("/etc/nss-pgsql.conf", O_RDONLY)   = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=1885, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e23000
read(4, "#----------------- DB connection"..., 4096) = 1885
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0xb7e23000, 4096)                = 0

Reading through your messages I realize that my problem is probably related to my nss-pgsql.conf file. However, I'm not sure what the right format should be. For example, I cannot find the connectionstring parameter anywhere. Do you know of a place where I can find a specification?

I've installed fusionforge 4.8.2 in /opt/, and am using libnss_pgsql 1.4.0. I created a Postgres user gforge_nss with all permissions on the gforge database.

Any help is much appreciated.

Thanks, 
Evert

> -----Original Message-----
> From: fusionforge-general-bounces at lists.fusionforge.org
> [mailto:fusionforge-general-bounces at lists.fusionforge.org] On Behalf Of
> Christian BAYLE
> Sent: donderdag 17 december 2009 20:31
> To: Evert Lammerts
> Cc: fusionforge-general at lists.fusionforge.org
> Subject: Re: [Fusionforge-general] NSS
> 
> Hello,
> 
> looks like your system is looking for libnss_pgsql.so.2
> but don't find it in any place, a good reason for not to work.
> which distro, which nss_pgsql, did you use?
> 
> Christian
> 
> Evert Lammerts a écrit :
> > Thanks both, for your comments. I have little time so just a short
> note.
> >
> > Find attached my nss-pgsql.conf. I've copied it from the example
> version distributed with FF 4.8.2. Also attached is the output of a:
> > $ strace getent group siteadmin
> >
> > Thanks for the help!
> > Evert
> >
> >
> >> -----Original Message-----
> >> From: fusionforge-general-bounces at lists.fusionforge.org
> >> [mailto:fusionforge-general-bounces at lists.fusionforge.org] On Behalf
> Of
> >> Christian BAYLE
> >> Sent: woensdag 16 december 2009 20:29
> >> To: Thorsten Glaser
> >> Cc: fusionforge-general at lists.fusionforge.org
> >> Subject: Re: [Fusionforge-general] NSS
> >>
> >> Thorsten Glaser a écrit :
> >>> On Wed, 16 Dec 2009, Christian BAYLE wrote:
> >>>
> >>>> connectionstring = user=gforge_nss dbname=gforge
> >>> This can also contain host and password. Note that nss-pgsql1 has
> >>> a completely different configuration format.
> >>>
> >>> For Hudson integration, nss-pgsql.conf must be root:wheel 0644,
> >>> and nss-pgsql-root.conf must be root:shadow 0640 (NOT 0600) and
> >>> the user Hudson is running under must be in group shadow. (It
> >>> must also be replicated in the local /etc/passwd file, funnily.)
> >>>
> >>>> #allusers        = SELECT login AS
> >>> I wonder why these are commented out.
> >> It was causing some lock in some case at system start and I
> found/made
> >> it in fact only used by
> >> getent passwd
> >> when used without arg
> >>
> >> I commented as a safety measure
> >>
> >> Christian
> >>
> >> _______________________________________________
> >> Fusionforge-general mailing list
> >> Fusionforge-general at lists.fusionforge.org
> >> http://lists.fusionforge.org/cgi-bin/mailman/listinfo/fusionforge-
> >> general
> >>
> >> --------------------------------------------------------------------
> ----
> >>
> >> _______________________________________________
> >> Fusionforge-general mailing list
> >> Fusionforge-general at lists.fusionforge.org
> >> http://lists.fusionforge.org/cgi-bin/mailman/listinfo/fusionforge-
> general
> 
> 
> _______________________________________________
> Fusionforge-general mailing list
> Fusionforge-general at lists.fusionforge.org
> http://lists.fusionforge.org/cgi-bin/mailman/listinfo/fusionforge-
> general
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3115 bytes
Desc: not available
URL: <http://lists.fusionforge.org/pipermail/fusionforge-general/attachments/20100104/3f354588/attachment.bin>


More information about the Fusionforge-general mailing list