SIGPIPE using nscd socket - commands don't seem to run
This document (7003590) is provided subject to the disclaimer at the end of this document.
Environment
SUSE Linux Enterprise Server 10 Service Pack 2
SUSE Linux Enterprise Server 10 Service Pack 1
Situation
- Occasionally commands like tar and ls will return to the shell prompt with nothing printed at all to STDOUT or STDERR
- The return code for these commands is 141
- strace of a failure shows -1 EPIPE / SIGPIPE / Broken Pipe errors writing to nscd socket
- nscd appears to be leaking sockets as demonstrated by executing netstat -a | grep /var/run/nscd/socket and seeing hundreds or thousands of results during the problem
- The symptom is resolved by restarting the ncsd daemon
- The computer uses LDAP authentication (nss_ldap)
- /var/log/messages shows several "nss_ldap: reconnecting to LDAP server" messages
Resolution
This is an issue that can be caused by ldap server or network outages. The problem seems to be in the way that libldap uses libssl. Unfortunately, with long tcp keepalives (two hours) the ncsd daemon can hang even once the ldap server becomes available again.
The solution is to adjust the tcp keepalive down by modifying net.ipv4.tcp_keepalive_time via sysctl to something much smaller than two hours (such as a few minutes).
The solution is to adjust the tcp keepalive down by modifying net.ipv4.tcp_keepalive_time via sysctl to something much smaller than two hours (such as a few minutes).
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7003590
- Creation Date: 19-Jun-2009
- Modified Date:03-Mar-2020
-
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
