Public bug reported:
I have a server which uses slapd and libnss_ldap based authentication through
nsswitch.conf as per the manuals. After upgrading to 14.04 we lost our logging
altogether; syslog was un-installed. After first installing syslog-ng I
switched to using rsyslogd. The server hung consistently on boot. After several
days of debugging, I have finally identified how and where the problem
manifests.
When any process starts logging, rsyslog setgids and setuids as specified in
rsyslog.conf. The setgid generally works OK (it is already running that group
id) the setuid calls nss which then attempts to contact LDAP. LDAP is not yet
running and cannot at that point in the startup. nss then tries to log a
warning re-entering back into rsyslog. This locks up rsyslog, the calling
process and any subsequent calling processes. boom.
In the attached apport I have simulated what happens using the logger
command with rsyslog running but slapd stopped.
** Affects: rsyslog (Ubuntu)
Importance: Undecided
Status: New
** Tags: boot hangs ldap nss rsyslog
** Attachment added: "Apport file for hung rsyslog"
https://bugs.launchpad.net/bugs/1414507/+attachment/4305475/+files/apport.rsyslog.h4r_i2es.apport
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/1414507
Title:
rsyslog hangs if setuid during logging process causes further logging
Status in rsyslog package in Ubuntu:
New
Bug description:
I have a server which uses slapd and libnss_ldap based authentication through
nsswitch.conf as per the manuals. After upgrading to 14.04 we lost our logging
altogether; syslog was un-installed. After first installing syslog-ng I
switched to using rsyslogd. The server hung consistently on boot. After several
days of debugging, I have finally identified how and where the problem
manifests.
When any process starts logging, rsyslog setgids and setuids as specified in
rsyslog.conf. The setgid generally works OK (it is already running that group
id) the setuid calls nss which then attempts to contact LDAP. LDAP is not yet
running and cannot at that point in the startup. nss then tries to log a
warning re-entering back into rsyslog. This locks up rsyslog, the calling
process and any subsequent calling processes. boom.
In the attached apport I have simulated what happens using the logger
command with rsyslog running but slapd stopped.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1414507/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
