Server upgrade with ldap

April 5, 2009


As I’m on an upgrade roll I decided to upgrade my new server too. It is configured with kerberos and ldap… and this is were the trouble.


When a service is upgraded in Ubuntu/Debian it is first stopped and than later restarted when the new files are there. When all your user information is kept in ldap, the following sucks:

Preparing to replace slapd 2.4.11-0ubuntu6.1 (using
    .../slapd_2.4.15-1ubuntu3_i386.deb) ...
Stopping OpenLDAP: slapd.
  Dumping to /var/backups/slapd-2.4.11-0ubuntu6.1:
- directory dc=atoom,dc=net... done.
Unpacking replacement slapd ...

And there goes the neighborhood… everything slows to a crawl, because every getpwnam call needs to timeout before /etc/passwd and friends are consulted.

So a control-C (at the wrong time of course, so this gave also problems) the upgrade process to fix /etc/nsswitch.conf and disable ldap-lookups for now:

sudo vi /etc/nsswitch.conf

vi: error while loading shared libraries: cannot
open shared object file: No such file or directory

oh… oh… Luckily there is also nano, but as a vim addict I find nano very confusing. After figuring out that control-X will save the file I can finally make the change.