[python-ldap] Strange network problems?

Aigars Grins aigars.grins at sentor.se
Mon Sep 18 09:02:44 EDT 2017


I have a problem and I'm wonder if any of you have stubled across 
something similar.

I have a python daemon that uses gevent + daemonize + python-ldap. That 
python daemon runs on a Debian 8 machine and connects to an OpenLDAP 
daemon running on FreeBSD. Now and then the LDAP daemon is restarted. 
When that happens, the python daemon looses it's capability to create 
new connections. [SERVER_DOWN] {'info': "Error in the system's 
randomness device.", 'errno': 11, 'desc': "Can't contact LDAP server"}

(I think that the text about "Error in the system's randomness device", 
while certainly correct in some sense, is a red herring. There's nothing 
wrong with the randomness device on the host as such. Other python 
daemons, on the same machine, have no problems. That said, obviously 
something is broken.)

Also, any existing connections are now somehow broken. When the python 
daemon code tries to use them, they block. Even though I use 
`search_st(timeout = 120.0)`. Trying to create new connections can 
sometimes, but not always, also block. Even though I use `cnxn = 
initialize(url); cnxn.set_option(OPT_NETWORK_TIMEOUT, 10.0); 
cnxn.set_option(OPT_X_TLS_NEWCTX, 0); cnxn.simple_bind(bind, password)`. 
Most often though, new connections are simply not possible to create.

All of the problems go away if I restart the python daemon after the 
LDAP daemon is restarted.

Previously I've had a related issue which I believe is more to do with 
gevent. I took it up on their tracker [1]. I'm including a reference 
here, if the data available there is of any use.

[1] <https://github.com/gevent/gevent/issues/1008>

Furthermore, the same code base works better in other python daemons on 
the same machine. So, "obviously" something's wrong in my code. It's 
just that I really can't see what the difference could be.

Do you have any ideas?

Aigars Grins

More information about the python-ldap mailing list