我的设置如下:我有一个 Web 应用程序,它在 LDAP 目录中创建用户条目。然后,它调用一个脚本,使创建的用户成为文件的所有者。
我已经设置了 LDAP,并且创建的用户显示在 中getent passwd。但是,chown失败,并抱怨“无效用户”。我可能遗漏了什么?
LDAP 条目:
dn: sn=rabe,ou=users,dc=example,dc=org
sambaLMPassword: 01FC5A6BE7BC6929AAD3B435B51404EE
sambaPrimaryGroupSID: S-1-5-21-3583809738-3196142711-508974553-100
displayName: Testaccount Rabe
sambaLogonScript: _rabe.bat
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
userPassword:: e1NIQX1xVXFQNWN5eG02WWNUQWh6MDVIcGg1Z3Z1OU09
uidNumber: 1004
uid: rabe
cn: rabe
sambaPwdLastSet: 1507196636
loginShell: /bin/false
sambaAcctFlags: [UX ]
gidNumber: 100
sambaPwdMustChange: 2147483647
sambaNTPassword: 0CB6948805F797BF2A82807973B89537
gecos: rabe
sambaSID: S-1-5-21-3583809738-3196142711-508974553-{uidNumber*2+1000}
description: LDAP Group
homeDirectory: /home/rabe
sambaKickoffTime: 0
sn: rabe
sambaPasswordHistory: 000000000000000000000000000000000000000000000000000000
000000000000000000
sambaLogonHours: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
structuralObjectClass: inetOrgPerson
entryUUID: 737627e0-3dfd-1037-980f-b9017388453e
creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20171005094356Z
entryCSN: 20171005094356.722950Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20171005094356Z
用户列于getent passwd:
me@host:~$ getent passwd|diff /etc/passwd -
40a41
> rabe:x:1004:100:rabe:/home/rabe:/bin/false
但是,chown失败了:
me@host:~$ touch test
me@host:~$ chown rabe test
chown: ungültiger Benutzer: »rabe“
我可能遗漏了什么?接下来我应该检查什么?
操作系统:Ubuntu 16.04 Xenial
文件系统:ext4
答案1
解决方案是重新启动以下服务:
sudo /etc/init.d/portmap restart
sudo /etc/init.d/libnss-ldap restart
答案2
还有一次,卸载并重新安装该libnss-ldap软件包就成功了。
sudo apt-get purge libnss-ldap
sudo apt-get install libnss-ldap