Brian T. Roy wrote:
I don't know if it is possible to use admin server on a system that uses passwd: ldap or shadow: ldap in /etc/nsswitch.conf. The mozldap libraries used by admin server are not binary compatible with the openldap libraries used by nss_ldap. They do not co-exist in the same executable. There is a hack using LD_PRELOAD that forces mozldap to be loaded first. So probably what's happening is that nss_ldap is using symbols from mozldap, which causes it to blow up.Platform is FC6.LDAP auth worked with libnss_ladap-2.4.90 AND libnss_ldap-2.5 HOWEVER after the 2.5 update (via Software Updater) Admin Server child processes crashed when loading libnss_ldap.so.2.The second un-updated system (the one I pulled libnss_ldap-2.4.90.so from) is also FC6.Log Snips:Admin Server Error Log (showing the period when the reboot after Software Updater update):[Fri Aug 24 11:55:07 2007] [notice] [client ::1] admserv_host_ip_check: host [localhost.localdomain] did not match pattern [*.santan.brianandkelly.ws] -will scan aliases [Fri Aug 24 11:55:07 2007] [notice] [client ::1] admserv_host_ip_check: host alias [localhost] did not match pattern [*.santan.brianandkelly.ws] [Fri Aug 24 11:55:07 2007] [notice] [client ::1] admserv_check_authz(): passing [/admin-serv/authenticate] to the userauth handler[Wed Oct 24 09:53:30 2007] [notice] caught SIGTERM, shutting down[Wed Oct 24 09:58:51 2007] [notice] Access Host filter is: *.santan.brianandkelly.ws[Wed Oct 24 09:58:51 2007] [notice] Access Address filter is: *[Wed Oct 24 09:58:52 2007] [notice] Access Host filter is: *.santan.brianandkelly.ws[Wed Oct 24 09:58:52 2007] [notice] Access Address filter is: *[Wed Oct 24 09:58:52 2007] [notice] Apache/2.2.6 (Unix) mod_nss/2.2.3 NSS/3.11.3 configured -- resuming normal operations [Wed Oct 24 09:58:53 2007] [notice] child pid 3327 exit signal Segmentation fault (11) [Wed Oct 24 09:58:55 2007] [notice] child pid 3328 exit signal Segmentation fault (11) [Wed Oct 24 09:58:57 2007] [notice] child pid 3348 exit signal Segmentation fault (11) [Wed Oct 24 09:58:59 2007] [notice] child pid 3350 exit signal Segmentation fault (11)Content of strace on Segmentation Faulting admin server child process: <clip - standar stuff... looking for libnss_ldap.so.2>
Does anyone have admin server working on a system that uses passwd: ldap? Can you use passwd: files ldap to get around this problem? Or will it simply not work?
open("/usr/lib/libnss_ldap.so.2", O_RDONLY) = 32read(32, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`&\0\0004\0\0\0"..., 512) = 512fstat64(32, {st_mode=S_IFREG|0755, st_size=84552, ...}) = 0mmap2(NULL, 129408, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 32, 0) = 0x6f2d0000 mmap2(0x6f2e4000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 32, 0x14) = 0x6f2e4000 mmap2(0x6f2e5000, 43392, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x6f2e5000close(32) = 0 munmap(0xb729d000, 57248) = 0 rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_IGN}, 8) = 0 geteuid32() = 0 futex(0x6f2e4544, FUTEX_WAKE, 2147483647) = 0 open("/etc/ldap.conf", O_RDONLY) = 32 fstat64(32, {st_mode=S_IFREG|0644, st_size=6182, ...}) = 0 fstat64(32, {st_mode=S_IFREG|0644, st_size=6182, ...}) = 0mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f5f000read(32, "#\n# This is the configuration fi"..., 4096) = 4096 read(32, "7objectclass\tmapped_objectclass\n"..., 4096) = 2086 read(32, "", 4096) = 0 close(32) = 0 munmap(0xb7f5f000, 4096) = 0 uname({sys="Linux", node="royhomegp02.santan.brianandkelly.ws", ...}) = 0 open("/etc/hosts", O_RDONLY) = 32 fcntl64(32, F_GETFD) = 0 fcntl64(32, F_SETFD, FD_CLOEXEC) = 0 fstat64(32, {st_mode=S_IFREG|0644, st_size=194, ...}) = 0mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f5f000read(32, "# Do not remove the following li"..., 4096) = 194 read(32, "", 4096) = 0 close(32) = 0 munmap(0xb7f5f000, 4096) = 0 socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 32connect(32, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.0.5")}, 28) = 0fcntl64(32, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(32, F_SETFL, O_RDWR|O_NONBLOCK) = 0 gettimeofday({1194384239, 115881}, NULL) = 0 poll([{fd=32, events=POLLOUT, revents=POLLOUT}], 1, 0) = 1send(32, "\23\0\1\0\0\1\0\0\0\0\0\0\vroyhomegp02\6santan\r"..., 53, MSG_NOSIGNAL) = 53poll([{fd=32, events=POLLIN, revents=POLLIN}], 1, 5000) = 1 ioctl(32, FIONREAD, [111]) = 0recvfrom(32, "\23\0\205\200\0\1\0\1\0\1\0\1\vroyhomegp02\6santan\r"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.0.5")}, [16]) = 111close(32) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- chdir("/opt/fedora-ds/admin-serv") = 0 rt_sigaction(SIGSEGV, {SIG_DFL}, {SIG_DFL}, 8) = 0 kill(7265, SIGSEGV) = 0 sigreturn() = ? (mask now []) --- SIGSEGV (Segmentation fault) @ 0 (0) ---Brian T. Roy[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> Visit my blog @: http://briantroy.com/blogThe greatest mistake you can make in life is to be continually fearing you will make one.— Elbert Hubbard (1856-1915), The Note BookOn Nov 9, 2007, at 10:00 AM, [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> wrote:* **Re: [Fedora-directory-users] libnss_ldap-2.5.0.so update breaks admin server.*------------------------------------------------------------------------ -- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
