[389-users] PAM Pass through authentication only one threaded
Jan Tomasek
jan at tomasek.cz
Mon Nov 4 17:46:20 UTC 2013
On 11/04/2013 05:22 PM, Rich Megginson wrote:
> On 11/04/2013 09:08 AM, Jan Tomasek wrote:
>> On 11/04/2013 05:04 PM, Rich Megginson wrote:
>>
>>> Does the script open a connection to the same server it is being called
>>> from?
>>
>> Yes.
>
> So this is a case of self-deadlock? I don't understand. What is it
> exactly that you expect will happen?
If there is one connection it works. If there is 29 parallel bind
requests it works. If there is 30 and more it immediately hang. I'm
seeking why 29 is ok and 30 is bad.
In other words deadlock happens only if I run 30+ parallel connections.
I do this:
> for i in `seq 1 30`
> do
> time ldapsearch -LLL -H ldaps://xxx.cesnet.cz -x \
> -b dc=perun-shadow,dc=cesnet,dc=cz \
> -D "uid=semik$i,ou=People,dc=perun-shadow,dc=cesnet,dc=cz" \
> -w 'zadek' -s base dn &
> done
and 389 is immediately deadlocked. That should not happen I think.
The script itself binds anonymously so it should not go into PAM.
That script was just proof of concept. Maybe I should explain what I
want to do in other thread.
--
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20131104/beb99682/attachment.sig>
More information about the 389-users
mailing list