Ubuntu
openldap2.2 package

  1. Bug #6867
  2. Comment #0

Comment 0 for bug 6867

Revision history for this message
In , Michael Berg (mberg-linuxmail) wrote :

Package: slapd
Version: 2.1.29-2
Severity: grave
Justification: renders package unusable
Tags: sid

I upgraded to slapd 2.1.29 (and the corresponding libldap2) since it fixes
the TLS/SSL breakage of bug #234593 (which it does fix).

However, after upgrading, slapd 2.1.29 is crashing frequently on my system.

I'm using slapd with TLS/SSL support for user authentication. Crashing
slapd seems to be triggered fairly reliably when fetchmail retrieves
my mail and passes it to postfix for local delivery (which of course
contacts slapd to look up username and info).

Using a log level of 4095 (everything) in /etc/ldap/slapd.conf, I
obtain the syslog messages appended to the end of this email (trimmed
to what I *think* is the relevant parts -- if you need more than this,
just ask and I'll work on sanitizing usernames/schema from the rest
of it).

-- System Information:
Debian Release: testing/unstable
   APT prefers unstable
   APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.5
Locale: LANG=C, LC_CTYPE=C

Versions of packages slapd depends on:
ii coreutils [fileutils] 5.0.91-2 The GNU core utilities
ii debconf 1.4.22 Debian configuration management sy
ii fileutils 5.0.91-2 The GNU file management utilities
ii libc6 2.3.2.ds1-11 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-16 Berkeley v4.2 Database Libraries [
ii libgcrypt7 1.1.90-1.1 LGPL Crypto library - runtime libr
ii libgnutls10 1.0.4-3 GNU TLS library - runtime library
ii libgpg-error0 0.7-1 library for common error values an
ii libiodbc2 3.51.2-2 iODBC Driver Manager
ii libldap2 2.1.29-2 OpenLDAP libraries
ii libltdl3 1.5.6-1 A system independent dlopen wrappe
ii libsasl2 2.1.18-4 Authentication abstraction library
ii libslp1 1.0.11-7 OpenSLP libraries
ii libtasn1-2 0.2.7-1 Manage ASN.1 structures (runtime)
ii libwrap0 7.6-ipv6.1-3 Wietse Venema's TCP wrappers libra
ii perl [libmime-base64-perl] 5.8.3-3 Larry Wall's Practical Extraction
ii psmisc 21.4-1 Utilities that use the proc filesy
ii zlib1g 1:1.2.1-5 compression library - runtime

-- debconf information:
   slapd/fix_directory: true
* shared/organization: homenet
   slapd/upgrade_slapcat_failure:
   slapd/backend: BDB
* slapd/allow_ldap_v2: false
   slapd/no_configuration: false
   slapd/move_old_database: true
   slapd/suffix_change: false
   slapd/slave_databases_require_updateref:
   slapd/autoconf_modules: true
* slapd/domain: homenet
   slapd/password_mismatch:
   slapd/invalid_config: true
   slapd/upgrade_slapadd_failure:
   slapd/purge_database: false
   slapd/admin:

# Excerpt from /var/log/syslog

# an ldap query was taking place up to this point

Apr 19 23:17:02 stooges slapd[4397]: ====> bdb_cache_return_entry_r( 3 ): returned (0)
Apr 19 23:17:02 stooges slapd[4397]: bdb_search: no candidates
Apr 19 23:17:02 stooges slapd[4397]: send_search_result: err=0 matched="" text=""
Apr 19 23:17:02 stooges slapd[4397]: send_ldap_response: msgid=2 tag=101 err=0
Apr 19 23:17:02 stooges slapd[4397]: ber_get_next on fd 25 failed errno=11 (Resource
temporarily unavailable)
Apr 19 23:17:02 stooges slapd[4397]: conn=16 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=7 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on 2 descriptors
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on:
Apr 19 23:17:02 stooges slapd[4397]: 24r
Apr 19 23:17:02 stooges slapd[4397]: 25r
Apr 19 23:17:02 stooges slapd[4397]:
Apr 19 23:17:02 stooges slapd[4397]: daemon: read activity on 24
Apr 19 23:17:02 stooges slapd[4397]: connection_get(24)
Apr 19 23:17:02 stooges slapd[4397]: connection_get(24): got connid=15
Apr 19 23:17:02 stooges slapd[4397]: connection_read(24): checking for input on id=15
Apr 19 23:17:02 stooges slapd[4397]: do_unbind
Apr 19 23:17:02 stooges slapd[4397]: conn=15 op=2 UNBIND
Apr 19 23:17:02 stooges slapd[4397]: ber_get_next on fd 24 failed errno=0 (Success)
Apr 19 23:17:02 stooges slapd[4397]: connection_read(24): input error=-2 id=15, closing.
Apr 19 23:17:02 stooges slapd[4397]: connection_closing: readying conn=15 sd=24 for close
Apr 19 23:17:02 stooges slapd[4397]: connection_close: deferring conn=15 sd=24
Apr 19 23:17:02 stooges slapd[4397]: connection_resched: reaquiring locks conn=15 sd=24
Apr 19 23:17:02 stooges slapd[4397]: connection_resched: attempting closing conn=15 sd=24
Apr 19 23:17:02 stooges slapd[4397]: connection_close: conn=15 sd=24
Apr 19 23:17:02 stooges slapd[4397]: daemon: removing 24
Apr 19 23:17:02 stooges slapd[4397]: conn=15 fd=24 closed
Apr 19 23:17:02 stooges slapd[4397]: daemon: read activity on 25
Apr 19 23:17:02 stooges slapd[4397]: connection_get(25)
Apr 19 23:17:02 stooges slapd[4397]: connection_get(25): got connid=16
Apr 19 23:17:02 stooges slapd[4397]: connection_read(25): checking for input on id=16
Apr 19 23:17:02 stooges slapd[4397]: do_unbind
Apr 19 23:17:02 stooges slapd[4397]: conn=16 op=2 UNBIND
Apr 19 23:17:02 stooges slapd[4397]: ber_get_next on fd 25 failed errno=0 (Success)
Apr 19 23:17:02 stooges slapd[4397]: connection_read(25): input error=-2 id=16, closing.
Apr 19 23:17:02 stooges slapd[4397]: connection_closing: readying conn=16 sd=25 for close
Apr 19 23:17:02 stooges slapd[4397]: connection_close: deferring conn=16 sd=25
Apr 19 23:17:02 stooges slapd[4397]: connection_resched: reaquiring locks conn=16 sd=25
Apr 19 23:17:02 stooges slapd[4397]: connection_resched: attempting closing conn=16 sd=25
Apr 19 23:17:02 stooges slapd[4397]: connection_close: conn=16 sd=25
Apr 19 23:17:02 stooges slapd[4397]: daemon: removing 25
Apr 19 23:17:02 stooges slapd[4397]: conn=16 fd=25 closed
Apr 19 23:17:02 stooges /USR/SBIN/CRON[4428]: (root) CMD ( run-parts --report
/etc/cron.hourly)
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=7 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on 2 descriptors
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=7 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on 1 descriptors
Apr 19 23:17:02 stooges slapd[4397]: daemon: new connection on 24
Apr 19 23:17:02 stooges slapd[4397]: conn=17 fd=24 ACCEPT from IP=192.168.10.21:33148
(IP=0.0.0.0:636)
Apr 19 23:17:02 stooges slapd[4397]: daemon: added 24r
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on:
Apr 19 23:17:02 stooges slapd[4397]:
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=7 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on 2 descriptors
Apr 19 23:17:02 stooges slapd[4397]: daemon: new connection on 25
Apr 19 23:17:02 stooges slapd[4397]: conn=18 fd=25 ACCEPT from IP=192.168.10.20:34467
(IP=0.0.0.0:636)
Apr 19 23:17:02 stooges slapd[4397]: daemon: added 25r
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on:
Apr 19 23:17:02 stooges slapd[4397]: 24r
Apr 19 23:17:02 stooges slapd[4397]:
Apr 19 23:17:02 stooges slapd[4397]: daemon: read activity on 24
Apr 19 23:17:02 stooges slapd[4397]: connection_get(24)
Apr 19 23:17:02 stooges slapd[4397]: connection_get(24): got connid=17
Apr 19 23:17:02 stooges slapd[4397]: connection_read(24): checking for input on id=17
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=7 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on 1 descriptors
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on:
Apr 19 23:17:02 stooges slapd[4397]: 25r
Apr 19 23:17:02 stooges slapd[4397]:
Apr 19 23:17:02 stooges slapd[4397]: daemon: read activity on 25
Apr 19 23:17:02 stooges slapd[4397]: connection_get(25)
Apr 19 23:17:02 stooges slapd[4397]: connection_get(25): got connid=18
Apr 19 23:17:02 stooges slapd[4397]: connection_read(25): checking for input on id=18
Apr 19 23:17:02 stooges slapd[4397]: connection_read(25): unable to get TLS client DN
error=49 id=18
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: select: listen=7 active_threads=0 tvp=NULL
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on 2 descriptors
Apr 19 23:17:02 stooges slapd[4397]: daemon: activity on:
Apr 19 23:17:02 stooges slapd[4397]: 24r
Apr 19 23:17:02 stooges slapd[4397]: 25r
Apr 19 23:17:02 stooges slapd[4397]:
Apr 19 23:17:02 stooges slapd[4397]: daemon: read activity on 24
Apr 19 23:17:02 stooges slapd[4397]: connection_get(24)
Apr 19 23:17:02 stooges slapd[4397]: connection_get(24): got connid=17
Apr 19 23:17:02 stooges slapd[4397]: connection_read(24): checking for input on id=17
Apr 19 23:17:35 stooges ps: nss_ldap: could not connect to any LDAP server as (null) -
Can't contact LDAP server
Apr 19 23:17:35 stooges ps: nss_ldap: could not connect to any LDAP server as (null) -
Can't contact LDAP server

# lots of "could not connect to any LDAP server" and other errors follow
# since slapd is no longer running at this point.