Server OS: CentOS 5.3
Kernel: 2.6.18-164.el5
httpd: 2.2.3-22.el5.centos.2
One of my httpd servers started getting a segmentation fault in mod_ldap
this morning.
As far as I can tell, nothing related to httpd changed between a time I
know it worked and when the failures started showing up in the
error_log. The httpd binary, the conf files, and the module binaries do
not have new timestamps.
I have several different locations protected via LDAP authentication to
our Active Directory server. Some are applications like Subversion and
Trac. Others are for static content. It appears that any URL that is
protected via LDAP is failing.
According to auditing in Active Directory, the authentication is
succeeding there.
Here is a sample config with sensitive data in the URL's changed:
AuthType basic
AuthName "OrangeBlood AD"
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPURL
"ldap://company.com/DC=orangeblood,DC=org?sAMAccountName?sub?"
AuthLDAPBindDN "CN=ProxyUser,DC=orangeblood,DC=org"
AuthLDAPBindPassword "*******"
Require valid-user
Here is a stack trace:
#0 0x00002b23b9be4020 in ?? () from /etc/httpd/modules/mod_ldap.so
#1 0x00002b23b9be5066 in ?? () from /etc/httpd/modules/mod_ldap.so
#2 0x00002b23b9def7ad in ?? () from /etc/httpd/modules/mod_authnz_ldap.so
#3 0x00002b23b81b8f93 in ?? () from /etc/httpd/modules/mod_auth_basic.so
#4 0x00002b23b422ecb2 in ap_run_check_user_id () from /usr/sbin/httpd
#5 0x00002b23b422feb7 in ap_process_request_internal () from
/usr/sbin/httpd
#6 0x00002b23b42418f8 in ap_process_request () from /usr/sbin/httpd
#7 0x00002b23b423eb40 in ?? () from /usr/sbin/httpd
#8 0x00002b23b423aca2 in ap_run_process_connection () from /usr/sbin/httpd
#9 0x00002b23b4245849 in ?? () from /usr/sbin/httpd
#10 0x00002b23b4245ada in ?? () from /usr/sbin/httpd
#11 0x00002b23b4245b90 in ?? () from /usr/sbin/httpd
#12 0x00002b23b424687b in ap_mpm_run () from /usr/sbin/httpd
#13 0x00002b23b4220e48 in main () from /usr/sbin/httpd
I changed LogLevel to debug in httpd.conf and was able to see some debug
level logging, but nothing about the failure.
Do I have any choice but to compile mod_ldap.so with symbols?
--
David L. Crow Texas! It's like a
c...@orangeblood.org whole other country.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org