我有一个全新的 AlmaLinux 8.8 安装,其中安装了 nss-pam-ldap 软件包。
当我尝试重新启动 nslcd 服务时,它失败:
# systemctl restart nslcd.service
Job for nslcd.service failed because the control process exited with error code.
See "systemctl status nslcd.service" and "journalctl -xe" for details.
除其他外,journalctl -xe给出:
Unit nslcd.service has begun starting up.
Nov 11 13:09:24 nslcd[99425]: nslcd: cannot open config file (/etc/nslcd.conf): Permission denied
Nov 11 13:09:24 systemd[1]: nslcd.service: Control process exited, code=exited status=1
Nov 11 13:09:24 systemd[1]: nslcd.service: Failed with result 'exit-code'.
我的nslcd.conf读物是:
# The user and group nslcd should run as.
uid root
gid root
uri ldaps://some.stuff.de
base ou=dir,dc=some,dc=stuff,dc=de
# SSL options
#ssl off
tls_reqcert demand
tls_cacertfile /etc/pki/tls/certs/ca-bundle.crt
权限:
# ls -l nslcd.conf
-rw-r--r--. 1 root root 684 Nov 11 13:07 nslcd.conf
/var/run/nslcd我手动将from的权限更改nslcd:root为root:root。我不知道什么可能导致进程读取conf文件。