| 2014-10-30 10:03:12 |
Louis Bouchard |
bug |
|
|
added bug |
| 2014-10-30 10:03:33 |
Louis Bouchard |
libnss-ldap (Ubuntu): status |
New |
Confirmed |
|
| 2014-10-30 10:03:38 |
Louis Bouchard |
libnss-ldap (Ubuntu): importance |
Undecided |
Critical |
|
| 2014-10-30 10:04:04 |
Louis Bouchard |
nominated for series |
|
Ubuntu Utopic |
|
| 2014-10-30 10:04:04 |
Louis Bouchard |
bug task added |
|
libnss-ldap (Ubuntu Utopic) |
|
| 2014-10-30 10:04:04 |
Louis Bouchard |
nominated for series |
|
Ubuntu Trusty |
|
| 2014-10-30 10:04:04 |
Louis Bouchard |
bug task added |
|
libnss-ldap (Ubuntu Trusty) |
|
| 2014-10-30 10:04:18 |
Louis Bouchard |
libnss-ldap (Ubuntu Utopic): status |
New |
Confirmed |
|
| 2014-10-30 10:04:26 |
Louis Bouchard |
libnss-ldap (Ubuntu Utopic): importance |
Undecided |
Critical |
|
| 2014-10-30 10:04:57 |
Louis Bouchard |
description |
Many commands that require the use of libnss-ldap will fail with Segmentation Fault. The boot procedure itself can be blocked with the following message.
One potential workaround is to remove the use of ldap from the /etc/nsswitch.conf file to at least provide a bootable system. |
This bug is specific to the PPC64EL architecture. More details in the analysis.
Many commands that require the use of libnss-ldap will fail with Segmentation Fault. The boot procedure itself can be blocked with the following message.
One potential workaround is to remove the use of ldap from the /etc/nsswitch.conf file to at least provide a bootable system. |
|
| 2014-10-30 10:21:13 |
Louis Bouchard |
libnss-ldap (Ubuntu): assignee |
|
Louis Bouchard (louis-bouchard) |
|
| 2014-10-30 10:21:17 |
Louis Bouchard |
libnss-ldap (Ubuntu Utopic): assignee |
|
Louis Bouchard (louis-bouchard) |
|
| 2014-10-30 15:38:30 |
Louis Bouchard |
libnss-ldap (Ubuntu Trusty): status |
New |
Confirmed |
|
| 2014-10-30 15:38:40 |
Louis Bouchard |
nominated for series |
|
Ubuntu Precise |
|
| 2014-10-30 15:38:40 |
Louis Bouchard |
bug task added |
|
libnss-ldap (Ubuntu Precise) |
|
| 2014-10-30 15:38:48 |
Louis Bouchard |
libnss-ldap (Ubuntu Precise): importance |
Undecided |
Critical |
|
| 2014-10-30 15:38:50 |
Louis Bouchard |
libnss-ldap (Ubuntu Trusty): importance |
Undecided |
Critical |
|
| 2014-10-30 15:38:53 |
Louis Bouchard |
libnss-ldap (Ubuntu Precise): assignee |
|
Louis Bouchard (louis-bouchard) |
|
| 2014-10-30 15:38:55 |
Louis Bouchard |
libnss-ldap (Ubuntu Trusty): assignee |
|
Louis Bouchard (louis-bouchard) |
|
| 2014-10-30 16:15:07 |
Louis Bouchard |
bug watch added |
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727177 |
|
| 2014-11-05 11:11:54 |
Louis Bouchard |
libnss-ldap (Ubuntu): status |
Confirmed |
In Progress |
|
| 2014-11-21 19:13:38 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/vivid-proposed/libnss-ldap |
|
| 2014-11-21 20:05:37 |
Launchpad Janitor |
libnss-ldap (Ubuntu): status |
In Progress |
Fix Released |
|
| 2014-11-21 20:18:56 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/libnss-ldap |
|
| 2014-12-09 14:21:33 |
Louis Bouchard |
libnss-ldap (Ubuntu Precise): status |
New |
Invalid |
|
| 2014-12-09 14:21:41 |
Louis Bouchard |
libnss-ldap (Ubuntu Trusty): status |
Confirmed |
In Progress |
|
| 2014-12-09 14:21:43 |
Louis Bouchard |
libnss-ldap (Ubuntu Utopic): status |
Confirmed |
In Progress |
|
| 2014-12-09 14:21:49 |
Louis Bouchard |
libnss-ldap (Ubuntu): assignee |
Louis Bouchard (louis-bouchard) |
|
|
| 2014-12-09 14:22:00 |
Louis Bouchard |
tags |
|
cts |
|
| 2014-12-09 14:42:05 |
Louis Bouchard |
description |
This bug is specific to the PPC64EL architecture. More details in the analysis.
Many commands that require the use of libnss-ldap will fail with Segmentation Fault. The boot procedure itself can be blocked with the following message.
One potential workaround is to remove the use of ldap from the /etc/nsswitch.conf file to at least provide a bootable system. |
[SRU justification]
The version of the library in the archive for Utopic and Trusty has been built prior to a change in glibc that removes an expected symbol. Rebuild of the libnss-ldap library with the current source package will render the library unusable and may cause systems to become unbootable.
[Impact]
Without this fix, a rebuild of the libnss-ldap package will cause grave impact where usage of the libnss-ldap will segfault. Such a segfault during the boot process will cause the system to become unbootable.
[Fix]
Backport the glibc-2.16.patch that is now merged in Vivid into Utopic and Trusty. The version of the library in Precise already uses the correct glibc symbol.
[Test Case]
$ sudo apt-get download libnss-ldap
$ mkdir tmp
$ dpkg -x libnss-ldap_264-2.2ubuntu4_amd64.deb tmp
$ nm -D tmp/lib/x86_64-linux-gnu/libnss_ldap-2.15.so |grep lock$
w __pthread_mutex_lock
w __pthread_mutex_unlock
#Rebuild the library
$ pull-lp-source libnss-ldap trusty
$ sbuild -A -d trusty libnss-ldap_264-2.2ubuntu4.dsc
$ rm -Rf tmp/*
$ dpkg -x libnss-ldap_264-2.2ubuntu4_amd64.deb tmp
$ nm -D tmp/lib/x86_64-linux-gnu/libnss_ldap-2.19.so | grep lock$
U __libc_lock_lock
U __libc_lock_unlock
Notice that the libnss-ldap version change (2.15 -> 2.19). With the newly built version, the expected _pthread_mutex_lock|unlock is no longer present.
[Regression]
None expected. This is already present and in use in the upstream version of the library.
[Original Description of the problem]
Unlike previously thought, this bug is _NOT_ specific to the PPC64EL architecture. More details in the analysis.
Many commands that require the use of libnss-ldap will fail with Segmentation Fault. The boot procedure itself can be blocked with the following message.
One potential workaround is to remove the use of ldap from the /etc/nsswitch.conf file to at least provide a bootable system. |
|
| 2014-12-09 14:46:23 |
Louis Bouchard |
attachment added |
|
lp1387594_glibc_utopic.debdiff https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1387594/+attachment/4276986/+files/lp1387594_glibc_utopic.debdiff |
|
| 2014-12-09 14:46:32 |
Louis Bouchard |
libnss-ldap (Ubuntu Precise): assignee |
Louis Bouchard (louis-bouchard) |
|
|
| 2014-12-09 14:47:04 |
Louis Bouchard |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
| 2014-12-09 14:47:14 |
Louis Bouchard |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2014-12-09 15:45:33 |
Louis Bouchard |
description |
[SRU justification]
The version of the library in the archive for Utopic and Trusty has been built prior to a change in glibc that removes an expected symbol. Rebuild of the libnss-ldap library with the current source package will render the library unusable and may cause systems to become unbootable.
[Impact]
Without this fix, a rebuild of the libnss-ldap package will cause grave impact where usage of the libnss-ldap will segfault. Such a segfault during the boot process will cause the system to become unbootable.
[Fix]
Backport the glibc-2.16.patch that is now merged in Vivid into Utopic and Trusty. The version of the library in Precise already uses the correct glibc symbol.
[Test Case]
$ sudo apt-get download libnss-ldap
$ mkdir tmp
$ dpkg -x libnss-ldap_264-2.2ubuntu4_amd64.deb tmp
$ nm -D tmp/lib/x86_64-linux-gnu/libnss_ldap-2.15.so |grep lock$
w __pthread_mutex_lock
w __pthread_mutex_unlock
#Rebuild the library
$ pull-lp-source libnss-ldap trusty
$ sbuild -A -d trusty libnss-ldap_264-2.2ubuntu4.dsc
$ rm -Rf tmp/*
$ dpkg -x libnss-ldap_264-2.2ubuntu4_amd64.deb tmp
$ nm -D tmp/lib/x86_64-linux-gnu/libnss_ldap-2.19.so | grep lock$
U __libc_lock_lock
U __libc_lock_unlock
Notice that the libnss-ldap version change (2.15 -> 2.19). With the newly built version, the expected _pthread_mutex_lock|unlock is no longer present.
[Regression]
None expected. This is already present and in use in the upstream version of the library.
[Original Description of the problem]
Unlike previously thought, this bug is _NOT_ specific to the PPC64EL architecture. More details in the analysis.
Many commands that require the use of libnss-ldap will fail with Segmentation Fault. The boot procedure itself can be blocked with the following message.
One potential workaround is to remove the use of ldap from the /etc/nsswitch.conf file to at least provide a bootable system. |
[SRU justification]
The version of the library in the archive for Utopic and Trusty has been built prior to a change in glibc that removes an expected symbol. Rebuild of the libnss-ldap library with the current source package will render the library unusable and may cause systems to become unbootable.
[Impact]
Without this fix, a rebuild of the libnss-ldap package will cause grave impact where usage of the libnss-ldap will segfault. Such a segfault during the boot process will cause the system to become unbootable.
[Fix]
Backport the glibc-2.16.patch that is now merged in Vivid into Utopic and Trusty. The version of the library in Precise already uses the correct glibc symbol.
[Test Case]
On a server properly configured for ldap authentication :
root@trusty-ldapclient:~# getent passwd john
john:x:10000:5000:John Doe:/home/john:/bin/bash
The same test on arm64 or ppc64el platform where the libnss-ldap have been rebuilt recently you will get :
root@trusty-ldapclient:~# getent passwd john
Segmentation fault (core dumped)
$ sudo apt-get download libnss-ldap
$ mkdir tmp
$ dpkg -x libnss-ldap_264-2.2ubuntu4_amd64.deb tmp
$ nm -D tmp/lib/x86_64-linux-gnu/libnss_ldap-2.15.so |grep lock$
w __pthread_mutex_lock
w __pthread_mutex_unlock
#Rebuild the library
$ pull-lp-source libnss-ldap trusty
$ sbuild -A -d trusty libnss-ldap_264-2.2ubuntu4.dsc
$ rm -Rf tmp/*
$ dpkg -x libnss-ldap_264-2.2ubuntu4_amd64.deb tmp
$ nm -D tmp/lib/x86_64-linux-gnu/libnss_ldap-2.19.so | grep lock$
U __libc_lock_lock
U __libc_lock_unlock
Notice that the libnss-ldap version change (2.15 -> 2.19). With the newly built version, the expected _pthread_mutex_lock|unlock is no longer present.
[Regression]
None expected. This is already present and in use in the upstream version of the library.
[Original Description of the problem]
Unlike previously thought, this bug is _NOT_ specific to the PPC64EL architecture. More details in the analysis.
Many commands that require the use of libnss-ldap will fail with Segmentation Fault. The boot procedure itself can be blocked with the following message.
One potential workaround is to remove the use of ldap from the /etc/nsswitch.conf file to at least provide a bootable system. |
|
| 2015-01-15 04:34:46 |
Matt Ezell |
bug |
|
|
added subscriber Matt Ezell |
| 2015-01-16 15:01:35 |
Louis Bouchard |
attachment added |
|
lp1387594_glibc_trusty.debdiff https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1387594/+attachment/4299974/+files/lp1387594_glibc_trusty.debdiff |
|
| 2015-01-16 15:45:41 |
Robie Basak |
description |
[SRU justification]
The version of the library in the archive for Utopic and Trusty has been built prior to a change in glibc that removes an expected symbol. Rebuild of the libnss-ldap library with the current source package will render the library unusable and may cause systems to become unbootable.
[Impact]
Without this fix, a rebuild of the libnss-ldap package will cause grave impact where usage of the libnss-ldap will segfault. Such a segfault during the boot process will cause the system to become unbootable.
[Fix]
Backport the glibc-2.16.patch that is now merged in Vivid into Utopic and Trusty. The version of the library in Precise already uses the correct glibc symbol.
[Test Case]
On a server properly configured for ldap authentication :
root@trusty-ldapclient:~# getent passwd john
john:x:10000:5000:John Doe:/home/john:/bin/bash
The same test on arm64 or ppc64el platform where the libnss-ldap have been rebuilt recently you will get :
root@trusty-ldapclient:~# getent passwd john
Segmentation fault (core dumped)
$ sudo apt-get download libnss-ldap
$ mkdir tmp
$ dpkg -x libnss-ldap_264-2.2ubuntu4_amd64.deb tmp
$ nm -D tmp/lib/x86_64-linux-gnu/libnss_ldap-2.15.so |grep lock$
w __pthread_mutex_lock
w __pthread_mutex_unlock
#Rebuild the library
$ pull-lp-source libnss-ldap trusty
$ sbuild -A -d trusty libnss-ldap_264-2.2ubuntu4.dsc
$ rm -Rf tmp/*
$ dpkg -x libnss-ldap_264-2.2ubuntu4_amd64.deb tmp
$ nm -D tmp/lib/x86_64-linux-gnu/libnss_ldap-2.19.so | grep lock$
U __libc_lock_lock
U __libc_lock_unlock
Notice that the libnss-ldap version change (2.15 -> 2.19). With the newly built version, the expected _pthread_mutex_lock|unlock is no longer present.
[Regression]
None expected. This is already present and in use in the upstream version of the library.
[Original Description of the problem]
Unlike previously thought, this bug is _NOT_ specific to the PPC64EL architecture. More details in the analysis.
Many commands that require the use of libnss-ldap will fail with Segmentation Fault. The boot procedure itself can be blocked with the following message.
One potential workaround is to remove the use of ldap from the /etc/nsswitch.conf file to at least provide a bootable system. |
[SRU justification]
The version of the library in the archive for Utopic and Trusty has been built prior to a change in glibc that removes an expected symbol. Rebuild of the libnss-ldap library with the current source package will render the library unusable and may cause systems to become unbootable.
[Impact]
Without this fix, a rebuild of the libnss-ldap package will cause grave impact where usage of the libnss-ldap will segfault. Such a segfault during the boot process will cause the system to become unbootable.
[Fix]
Backport the glibc-2.16.patch that is now merged in Vivid into Utopic and Trusty. The version of the library in Precise already uses the correct glibc symbol.
[Test Case]
On a server properly configured for ldap authentication :
root@trusty-ldapclient:~# getent passwd john
john:x:10000:5000:John Doe:/home/john:/bin/bash
The same test on arm64 or ppc64el platform where the libnss-ldap have been rebuilt recently you will get :
root@trusty-ldapclient:~# getent passwd john
Segmentation fault (core dumped)
$ sudo apt-get download libnss-ldap
$ mkdir tmp
$ dpkg -x libnss-ldap_264-2.2ubuntu4_amd64.deb tmp
$ nm -D tmp/lib/x86_64-linux-gnu/libnss_ldap-2.15.so |grep lock$
w __pthread_mutex_lock
w __pthread_mutex_unlock
#Rebuild the library
$ pull-lp-source libnss-ldap trusty
$ sbuild -A -d trusty libnss-ldap_264-2.2ubuntu4.dsc
$ rm -Rf tmp/*
$ dpkg -x libnss-ldap_264-2.2ubuntu4_amd64.deb tmp
$ nm -D tmp/lib/x86_64-linux-gnu/libnss_ldap-2.19.so | grep lock$
U __libc_lock_lock
U __libc_lock_unlock
Notice that the libnss-ldap version change (2.15 -> 2.19). With the newly built version, the expected _pthread_mutex_lock|unlock is no longer present.
[Regression]
None expected. This is already present and in use in the upstream version of the library.
15:27 <rbasak> caribou: so what I don't like about this is that the patch seems a bit invasive in an area where if there's a regression, it'll be in multithreading code that'll be non-deterministic and thus difficult to test.
15:27 <rbasak> caribou: OTOH, it's broken on ppc64el at the moment? That means we need to fix it.
15:28 <rbasak> Having an active upstream that had committed the code would give me more confidence that the patch is good (since they're more familiar with the code and will have reviewed it)
15:29 <rbasak> But Debian have committed it, so that's better than nothing.
15:31 <rbasak> caribou: I think we have no choice but to push it to Trusty (and Utopic), but we should let the SRU team decide at that stage. IMHO, my concern should be noted in "Regression Potential", so I'll do that now.
[Original Description of the problem]
Unlike previously thought, this bug is _NOT_ specific to the PPC64EL architecture. More details in the analysis.
Many commands that require the use of libnss-ldap will fail with Segmentation Fault. The boot procedure itself can be blocked with the following message.
One potential workaround is to remove the use of ldap from the /etc/nsswitch.conf file to at least provide a bootable system. |
|
| 2015-01-16 22:13:18 |
Adam Conrad |
libnss-ldap (Ubuntu Trusty): status |
In Progress |
Fix Committed |
|
| 2015-01-16 22:13:23 |
Adam Conrad |
bug |
|
|
added subscriber SRU Verification |
| 2015-01-16 22:13:25 |
Adam Conrad |
tags |
cts |
cts verification-needed |
|
| 2015-01-16 22:15:10 |
Adam Conrad |
libnss-ldap (Ubuntu Utopic): status |
In Progress |
Fix Committed |
|
| 2015-01-16 22:22:51 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/trusty-proposed/libnss-ldap |
|
| 2015-01-16 22:23:01 |
Launchpad Janitor |
branch linked |
|
lp:~ubuntu-branches/ubuntu/utopic/libnss-ldap/utopic-proposed |
|
| 2015-01-17 22:45:13 |
Matt Ezell |
tags |
cts verification-needed |
cts verification-done |
|
| 2015-01-28 16:23:13 |
Launchpad Janitor |
libnss-ldap (Ubuntu Trusty): status |
Fix Committed |
Fix Released |
|
| 2015-01-28 16:23:22 |
Chris J Arges |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2015-01-28 16:23:54 |
Launchpad Janitor |
libnss-ldap (Ubuntu Utopic): status |
Fix Committed |
Fix Released |
|
| 2015-01-28 18:54:09 |
Mathew Hodson |
bug task added |
|
libnss-ldap (Debian) |
|
| 2015-01-29 11:59:45 |
Bug Watch Updater |
libnss-ldap (Debian): status |
Unknown |
Fix Released |
|
