Your message dated Sat, 26 Sep 2009 21:39:07 +0200
with message-id <4abe6ddb.60...@gmx.de>
and subject line Re: Bug#548408: [slapd] missing entropy, caused by failed
access to /dev/(u)random
has caused the Debian Bug report #548408,
regarding [slapd] missing entropy, caused by failed access to /dev/(u)random
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
548408: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=548408
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: slapd
Version: 2.4.17-2
Severity: serious
Hello,
the message
Starting OpenLDAP: slapd - failed:
Fatal: no entropy gathering module detected
is cause by
$ ls -l /dev/*random
crw-rw---- 1 root dialout 1, 8 26. Sep 09:41 /dev/random
crw-rw---- 1 root dialout 1, 9 26. Sep 09:42 /dev/urandom
and slapd being started as user 'openldap' but
$ grep openldap /etc/group
dialout:x:20:bayer,moeller,cupsys,chipcard
openldap:x:133:
openldap is not part of dialout or of anything else.
Adding openldap to dialout has fixed this for me - while nothaving any idea on
why /dev/random cannot be read by everyone.
Cheers,
Steffen
-- System Information:
Debian Release: squeeze/sid
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages slapd depends on:
ii adduser 3.111 add and remove users and groups
ii coreutils 7.5-6 GNU core utilities
ii debconf [debconf-2.0] 1.5.27 Debian configuration management sy
ii libc6 2.9-26 GNU C Library: Shared libraries
ii libdb4.7 4.7.25-8 Berkeley v4.7 Database Libraries [
ii libgnutls26 2.8.3-3 the GNU TLS library - runtime libr
ii libldap-2.4-2 2.4.17-2 OpenLDAP libraries
ii libltdl7 2.2.6a-4 A system independent dlopen wrappe
ii libperl5.10 5.10.0-25 Shared Perl library
ii libsasl2-2 2.1.23.dfsg1-1.1 Cyrus SASL - authentication abstra
ii libslp1 1.2.1-7.6 OpenSLP libraries
ii libuuid1 2.16.1-3 Universally Unique ID library
ii libwrap0 7.6.q-18 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip
ii perl [libmime-base64-pe 5.10.0-25 Larry Wall's Practical Extraction
ii psmisc 22.8-1 utilities that use the proc file s
ii unixodbc 2.2.11-20 ODBC tools libraries
Versions of packages slapd recommends:
ii libsasl2-modules 2.1.23.dfsg1-1.1 Cyrus SASL - pluggable authenticat
Versions of packages slapd suggests:
ii ldap-utils 2.4.17-2 OpenLDAP utilities
-- debconf information excluded
--- End Message ---
--- Begin Message ---
Russ Allbery wrote:
> Steffen Moeller <steffen_moel...@gmx.de> writes:
>
>> is cause by
>
>> $ ls -l /dev/*random
>> crw-rw---- 1 root dialout 1, 8 26. Sep 09:41 /dev/random
>> crw-rw---- 1 root dialout 1, 9 26. Sep 09:42 /dev/urandom
>
> Why are the permissions and ownership on your random devices broken? The
> standard permissions on a stock Debian system are:
>
> crw-rw-rw- 1 root root 1, 8 2009-08-24 13:09 /dev/random
> crw-rw-rw- 1 root root 1, 9 2009-08-24 13:09 /dev/urandom
>
> You're not the only person to have seen this problem, but the OpenLDAP
> packages are definitely not the ones changing the permissions. I suspect
> there's a broken package that's doing this.
Many thanks, Russ. I'll change the permissions and investigate.
Steffen
--- End Message ---
