Results 1 to 3 of 3

Thread: ld.so.conf.d games and unmounting /opt/zimbra

  1. #1
    Rich Graves is offline Outstanding Member
    Join Date
    Jan 2007
    Location
    Minnesota
    Posts
    719
    Rep Power
    9

    Default ld.so.conf.d games and unmounting /opt/zimbra

    I'm running ZCS 4.5.10 NE on RHEL 4.6 64-bit, with /etc/pam.d/system-auth configured to authenticate with pam_ldap as is the standard here.

    pam_ldap in turn links to libsasl, and thanks to /etc/ld.so.conf.d/zimbra.ld.conf, sshd eventually ends up linking to stuff in /opt/zimbra/cyrus-sasl-2.1.22.3/lib

    This just happens to work, but it has side effects. For example, in a clustered/SAN environment, if I needed to unmount /opt/zimbra, I couldn't.

    Workaround:

    Create /etc/sysconfig/sshd, containing
    export LD_LIBRARY_PATH=/lib64:/usr/lib64:/lib:/usr/lib

    This might also be needed for other daemons. For example, I run sendmail with DAEMON=no so that cron mail has someplace to go. (If you follow the Zimbra installation instructions and never start sendmail at all, then a lot of stuff will get stuck in /var/spool/clientmqueue.)

    Potentially inadequate because:

    There might be stuff in /etc/ld.so.conf.d that we actually want. For example, if you happen to be running Zimbra as a Xen domU, then you probably want the kernelcap bits (hwcap 0 nosegneg).

    There is some talk in bugzilla about building Zimbra binaries statically and/or with -R/-Wl linker hints. But this doesn't seem to have made it to 5.0RC2.

    What's the expected state of ld.so.conf/LD_LIBRARY_PATH workarounds for 5.0GA? If you're still going to be messing with the system library path, are you prepared to tell RedHat users not to use pam_ldap?

  2. #2
    Rich Graves is offline Outstanding Member
    Join Date
    Jan 2007
    Location
    Minnesota
    Posts
    719
    Rep Power
    9

    Default

    http://www.zimbra.com/forums/adminis...post67001.html talks about the same problem from the opposite side. Bug 21940 - Incorrect library load order prevents SMTP Auth on default Ubuntu installation. ends with "a fix in franklin" but it's not clear to me what fix that would be. 5.0RC2 seems to have the same potential problem.

  3. #3
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    In the 5.0 branch, we've re-worked our third party builds to set the
    LD_RUN_PATH, so it may be the ld.so.conf games may no longer be necessary, but this has not yet been tested.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •