[Calendarserver-maintainers] Bug#499963: Bug#499963: calendarserver: caldavd fails to authenticate and autocreate principal when running with NssDirectoryService
Ben Poliakoff
benp at reed.edu
Tue Sep 30 21:37:41 UTC 2008
* Guido Günther <agx at sigxcpu.org> [20080928 01:23]:
> On Fri, Sep 26, 2008 at 10:07:29AM -0700, Ben Poliakoff wrote:
> > ..pretty sure you meant /var/spool/caldavd. Permissions seem fine:
> Sure. Thanks.
> >
> > [benp at lenny ~]$ sudo su -s /bin/bash caldavd
> > caldavd at lenny:/home/benp$ touch /var/spool/caldavd/test
> > caldavd at lenny:/home/benp$ ls -l /var/spool/caldavd/test
> > -rw-r--r-- 1 caldavd caldavd 0 2008-09-26 10:01 /var/spool/caldavd/test
> > caldavd at lenny:/home/benp$ rm /var/spool/caldavd/test
> > caldavd at lenny:/home/benp$ ls -l /var/spool/caldavd/test
> > ls: cannot access /var/spool/caldavd/test: No such file or directory
> > caldavd at lenny:/home/benp$
> This is getting weird. Did you check if the user benp is in the valid
> uid range [firstValidUid-lastValidUid]? If he is, it might make sense to
> try out the XML backend instead of NSS for testing.
> -- Guido
>
Using the XML backend seems to work fine (tested both with the example
'test' user and with a newly defined user):
==> access.log <==
134.10.15.21 - test [30/Sep/2008:13:24:03 -0700] "OPTIONS
/calendars/users/test/ HTTP/1.1" 200 0 "-" "cadaver/0.22.3 neon/0.25.5"
[53.9 ms]
134.10.15.21 - test [30/Sep/2008:13:24:03 -0700] "PROPFIND
/calendars/users/test/ HTTP/1.1" 207 649 "-" "cadaver/0.22.3
neon/0.25.5" [72.5 ms]
==> error.log <==
2008-09-30 13:24:03-0700 [-] [caldav-8008] [HTTPChannel,0,134.10.15.21]
OPTIONS /calendars/users/test/ HTTP/1.1
2008-09-30 13:24:03-0700 [-] [caldav-8008] [HTTPChannel,0,134.10.15.21]
PROPFIND /calendars/users/test/ HTTP/1.1
2008-09-30 13:24:03-0700 [-] [caldav-8008] [-] Provisioning file:
(users) test [calendar-proxy-read]
2008-09-30 13:24:03-0700 [-] [caldav-8008] [-] Provisioning file:
(users) test
2008-09-30 13:24:03-0700 [-] [caldav-8008] [-] Provisioning file:
(users) test [calendar-proxy-read]
2008-09-30 13:24:03-0700 [-] [caldav-8008] [-] Initializing database
/var/spool/caldavd/principals/.db.calendaruserproxy
2008-09-30 13:24:03-0700 [-] [caldav-8008] [-] Provisioning file:
(users) test [calendar-proxy-write]
2008-09-30 13:24:03-0700 [-] [caldav-8008] [-] Provisioning file:
(users) test
2008-09-30 13:24:03-0700 [-] [caldav-8008] [-] Provisioning file:
(users) test [calendar-proxy-write]
Switching back to the NSS backend I tried looking at /principals:
==> access.log <==
134.10.15.21 - - [30/Sep/2008:13:54:49 -0700] "OPTIONS /principals/
HTTP/1.1" 401 141 "-" "cadaver/0.22.3 neon/0.25.5" [63.1 ms]
==> error.log <==
2008-09-30 13:54:49-0700 [-] [caldav-8008] [HTTPChannel,0,134.10.15.21]
OPTIONS /principals/ HTTP/1.1
2008-09-30 13:54:49-0700 [-] [caldav-8008] [HTTPChannel,0,134.10.15.21]
OPTIONS /principals/ HTTP/1.1
2008-09-30 13:54:49-0700 [-] [caldav-8008] [HTTPChannel,0,134.10.15.21]
"Directory service <SudoDirectoryService 'reed.edu':
FilePath('/etc/caldavd/sudoers.plist')> has no GUID; generating service
GUID from realm name."
2008-09-30 13:54:49-0700 [-] [caldav-8008] [HTTPChannel,0,134.10.15.21]
'No principal found for UID: benp'
2008-09-30 13:54:49-0700 [-] [caldav-8008] [HTTPChannel,0,134.10.15.21]
Could not find the principal resource for user id: benp
The 'no GUID' messages seem to be pointing at something....
'getent passwd benp' returns my account details:
benp:*:25022:506:Ben Poliakoff:/home/benp:/bin/bash
Here's my NssDirectoryService config from /etc/caldavd/caldavd.plist
(trying to keep it as simple as possible):
<!-- NSS directory service -->
<key>DirectoryService</key>
<dict>
<key>type</key>
<string>twistedcaldav.directory.nss.NssDirectoryService</string>
<key>params</key>
<dict>
<key>realmName</key>
<string>reed.edu</string>
<key>mailDomain</key>
<string>reed.edu</string>
</dict>
</dict>
--
________________________________________________________________________
PGP fingerprint: A131 F813 7A0F C5B7 E74D C972 9118 A94D 6AF5 2019
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/calendarserver-maintainers/attachments/20080930/746345fa/attachment.pgp
More information about the Calendarserver-maintainers
mailing list