(bug fixed in version 244 from padl.com) debug output: nss_ldap: ==> do_init nss_ldap: <== do_init (cached session) nss_ldap: ==> do_open nss_ldap: ==> do_init nss_ldap: <== do_init (cached session) nss_ldap: <== do_open (cached session) nss_ldap: ==> do_filter nss_ldap: :== do_filter: (&(objectclass=posixGroup)(memberUid=ldaptest)) nss_ldap: <== do_filter nss_ldap: ==> do_with_reconnect nss_ldap: ==> do_open nss_ldap: ==> do_init nss_ldap: <== do_init (cached session) nss_ldap: <== do_open (cached session) nss_ldap: ==> do_search Program received signal SIGSEGV, Segmentation fault. 0xb7ec42cf in strlen () from /lib/libc.so.6 backtrace: #5 0xb7b192f7 in do_search (base=0xb7b26e30 "ou=Group,dc=technoparkcorp,dc=com", scope=2, filter=0xbfd48504 "(&(objectclass=posixGroup)(memberUid=ldaptest))", attrs=0xbfd48da4, sizelimit=0, msgid=0xbfd48d50) at ldap-nss.c:2480 rc = 0 serverctrls = {0x8059ed8, 0x0} #6 0xb7b18ffc in do_with_reconnect (base=0xb7b26e30 "ou=Group,dc=technoparkcorp,dc=com", scope=2, filter=0xbfd48504 "(&(objectclass=posixGroup)(memberUid=ldaptest))", attrs=0xbfd48da4, sizelimit=0, private=0xbfd48d50, search_func=0xb7b1921d <do_search>) at ldap-nss.c:2379 rc = 52 tries = 0 backoff = 0 hard = 1 stat = NSS_STATUS_SUCCESS #7 0xb7b19e83 in _nss_ldap_search (args=0xbfd48dc4, filterprot=0xb7b2f040 "(&(objectclass=posixGroup)(memberUid=%s))", sel=LM_GROUP, user_attrs=0xbfd48da4, sizelimit=0, msgid=0xbfd48d50, csd=0x8059d0c) at ldap-nss.c:2952 sdBase = "§Аж·\001\000\000\000\230\221\005\bD\211Фї\017\033ж·ф\017т·Д\203с·\030\000\000\000\000\223\005\b\230\221\005\b *т·ф\017т·\230\221\005\b *т·h\211Фїїщж· *т·\230\221\005\bф\017т·\230\221\005\bяяяя\234\211Фї%\004ж·\230\221\005\b\000\000\000\000С\030µ·\000\000\000\000\000\004\000\000\230\221\005\b\000\004\000\000\200#т·ф_µ·р\211ФїТ\a\000\000¬\211Фї\b\030µ·\230\221\005\bф_µ·ј\211ФїL\030µ·ф\017т·ф\017т·\034\216Фїє7й· \030µ·а\211Фї\000\004\000\000\200#т·", '\0' <repeats 12 times>... base = 0xb7b26e30 "ou=Group,dc=technoparkcorp,dc=com" filterBuf = "(&(objectclass=posixGroup)(memberUid=ldaptest))\000T\213д·м\212Фїј\206Фїа|І·\001\000\000\000\"\000\000\000мmІ·\001\000\000\000\002\000\000\000d\205Фїа|І·\000\000\000\000(&(objectclass=posixAccount)(uid=ldaptest))", '\0' <repeats 99 times>, "s \000\000\000\000яяяячяяя", '\0' <repeats 36 times>, "!ъж·", '\0' <repeats 20 times>, "\002\000\000\000@\214Фїм\212Фї\000"... dynamicFilterBuf = 0x0 attrs = (const char **) 0xb7b27d60 filter = 0xbfd48504 "(&(objectclass=posixGroup)(memberUid=ldaptest))" scope = 2 stat = NSS_STATUS_SUCCESS sd = (ldap_service_search_descriptor_t *) 0xb7b26e54 #8 0xb7b1a30d in _nss_ldap_getent_ex (args=0xbfd48dc4, ctx=0xbfd48dbc, result=0xbfd48df4, buffer=0x0, buflen=0, errnop=0xb7f22380, filterprot=0xb7b2f040 "(&(objectclass=posixGroup)(memberUid=%s))", sel=LM_GROUP, user_attrs=0xbfd48da4, parser=0xb7b1c0b2 <do_parse_initgroups_nested>) at ldap-nss.c:3116 msgid = -1 stat = NSS_STATUS_SUCCESS #9 0xb7b1c275 in _nss_ldap_initgroups_dyn (user=0x8058b0e "ldaptest", group=0, start=0xbfd48e5c, size=0xbfd48e84, groupsp=0xbfd48e88, limit=65536, errnop=0xb7f22380) at ldap-grp.c:1120 lia = {group = 0, start = 0xbfd48e5c, size = 0xbfd48e84, groups = 0xbfd48e88, limit = 65536, depth = 0, known_groups = 0x0} filter = 0xb7b2f040 "(&(objectclass=posixGroup)(memberUid=%s))" a = {la_type = LA_TYPE_STRING, la_arg1 = {la_string = 0x8058b0e "ldaptest", la_number = 134581006, la_triple = { host = 0x8058b0e "ldaptest", user = 0x8059cd0 "и\234\005\b", domain = 0x73736e5f <Address 0x73736e5f out of bounds>}, la_string_list = 0x8058b0e}, la_arg2 = {la_string = 0x0}} stat = NSS_STATUS_SUCCESS ctx = (ent_context_t *) 0x8059cf8 gidnumber_attrs = {0xbfd48dd0 "_nss", 0xb7b14000 "\177ELF\001\001\001", 0xb7b14984 "\r\004"} map = LM_GROUP #10 0xb7e9393e in fgetgrent () from /lib/libc.so.6 No symbol table info available. #11 0xb7e93bdc in initgroups () from /lib/libc.so.6 No symbol table info available. #12 0x0804a1b2 in ?? () No symbol table info available. Steps to Reproduce: 1. setup nss_ldap.conf and nsswitch.conf for looking for group and users in ldap 3. rpm -q nss_ldap nss_ldap-239-alt1 2. su - ldaptest Actual Results: segmentation fault (getent group - working. and with "group: files" everything ok)
*** Bug 8409 has been marked as a duplicate of this bug. ***
*** Bug 7981 has been marked as a duplicate of this bug. ***
Принято, но исправить смогу не раньше чем через неделю
я заливал в инкоминг 244 в порядке NMU, но в сизиф его не пропустили.
http://bugzilla.padl.com/show_bug.cgi?id=241: If nss_ldap-239 is built _without_ RFC2307bis support, the module will segfault when enumerating the groups a particular user belongs to, due to an uninitialized pointer. The patch below fixes that. diff -rpu nss_ldap-239.orig/ldap-grp.c nss_ldap-239/ldap-grp.c --- nss_ldap-239.orig/ldap-grp.c 2005-05-24 02:53:19.000000000 +0200 +++ nss_ldap-239/ldap-grp.c 2005-12-22 02:36:52.000000000 +0100 @@ -1115,6 +1115,8 @@ char *_nss_ldap_getgrset (char *user) } #else filter = _nss_ldap_filt_getgroupsbymember; + gidnumber_attrs[0] = ATM (group, gidNumber); + gidnumber_attrs[1] = NULL; #endif /* RFC2307BIS */ stat = _nss_ldap_getent_ex (&a, &ctx, (void *) &lia, NULL, 0,
Кстати, в nss_ldap бы внести дефолты сообразно http://wiki.sisyphus.ru/changes за 28.01.2006: Евгений Остапец сообщает о проблемах при обновлении nss_ldap до версии 244. Чтобы жизнь была легче, стоит задать таймауты в /etc/nss_ldap.conf: nss_reconnect_sleeptime 2 nss_reconnect_maxsleeptime 2 nss_reconnect_maxconntries 2 nss_reconnect_tries 2 еще имеет смысл bind_policy soft
=== TelnetClients:x:10008:gorlov Remote Desktop Users:x:10009:gorlov SoftDistributors:x:10012:gorlov,max,crazy ... === Всё из лдапа.
