From owner-freebsd-current@FreeBSD.ORG Mon Aug 20 21:57:21 2012 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DAA2C106564A for ; Mon, 20 Aug 2012 21:57:21 +0000 (UTC) (envelope-from ohartman@zedat.fu-berlin.de) Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de [130.133.4.66]) by mx1.freebsd.org (Postfix) with ESMTP id 8B3D58FC15 for ; Mon, 20 Aug 2012 21:57:21 +0000 (UTC) Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost1.zedat.fu-berlin.de (Exim 4.69) with esmtp (envelope-from ) id <1T3ZyJ-0008Sz-T9>; Mon, 20 Aug 2012 23:57:20 +0200 Received: from e178002159.adsl.alicedsl.de ([85.178.2.159] helo=thor.walstatt.dyndns.org) by inpost2.zedat.fu-berlin.de (Exim 4.69) with esmtpsa (envelope-from ) id <1T3ZyJ-0006dP-Nb>; Mon, 20 Aug 2012 23:57:19 +0200 Message-ID: <5032B2BA.9090204@zedat.fu-berlin.de> Date: Mon, 20 Aug 2012 23:57:14 +0200 From: "O. Hartmann" User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:14.0) Gecko/20120810 Thunderbird/14.0 MIME-Version: 1.0 To: Adam McDougall References: <502D12C0.2060405@zedat.fu-berlin.de> <502F4D46.60907@zedat.fu-berlin.de> <502FFBAF.50003@egr.msu.edu> In-Reply-To: <502FFBAF.50003@egr.msu.edu> X-Enigmail-Version: 1.4.3 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig4FE1AD6D68C1E6B590FC7107" X-Originating-IP: 85.178.2.159 Cc: freebsd-current@freebsd.org Subject: Re: OpenLDAP/SASL2 problem in FreeBSD 10.0-CURRENT WAS: Re: HELP! core dumps: install, mtree, et cetera all of the sudden after portmaster security/cyrus-sasl2 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Aug 2012 21:57:21 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig4FE1AD6D68C1E6B590FC7107 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Am 08/18/12 22:31, schrieb Adam McDougall: > On 8/18/2012 4:07 AM, O. Hartmann wrote: >> My setups on all boxes using OpenLDAP, the port >> net/opendldap24-client/server has security/cyrus-sasl2 enabled. >> I use nsswitch and nascd. >> >> The problem: >> I can not anymore install or reinstall (using portmaster, patched for >> pkgng) the ports >> >> security/cyrus-sasl2 >> net/openldap24-client >> >> When performing an update (no matter which one), The installation >> process dies when installing the packages (see error for openldap-clei= nt >> below, it is proxy for cyrus-sasl2 also). >> >> After a failed installation, close to all binaries I touch start to >> coredump in a mustang way. ls(1) works, but ls -la dumps core (resolvi= ng >> the ownership-issue?). >> >> The only way to "save" the box is to copy missing libldap_r-2.4.so.8 o= r >> libsasl2.so.2 to /usr/local/lib/ from another, compatible box or from = a >> backup. >> >> It is impossible to me to update/reinstall either net/openldap24-clien= t >> or security/cyrus-sasl2. >> >> =3D=3D=3D> Installing for openldap-sasl-client-2.4.32_1 >> =3D=3D=3D> Generating temporary packing list >> Segmentation fault (core dumped) >> *** [install-mtree] Error code 139 >> > What happens if you disable both LDAP and cache support from NSS before= > upgrading either of those two packages? Installing files certainly mus= t > invoke functions that need to translate owners/groups to uid/gid so per= haps > something related to that suddenly fails during an attempt to replace > the library. It sounds like if your LDAP support becomes corrupt, then= > it leaves a gaping hole in the NSS critical path that many parts of the= > system must be using. When you run into this situation and can resolve= > it easily by replacing the old ldap library, is the old one corrupt? > Missing? Can you save a copy for evaluation? Does your system break i= n > a similar manner simply by renaming the LDAP library, or does it behave= > worse only if there is a faulty LDAP library being used by nss_ldap? I see the same issue in single user mode, when nscd isn't running. But /etc/pam.d/system delegates to LDAP for non-local id. When the issues arise, the open ldap library libldap_r.so isn't available anymore because something run wrong during the update. I dumped portmaster, use portupgrade at the moment. It seems, that this works so far, no matter why. When that happened (also with libsasl2.so, the same), I have to use /rescue/tar to extract the backup found in /usr/ports/packages/portmaster-backup/. bsdtar also fails. I can't say the LDAP lib is worse. It is simply missing after the installation ran rogue. At the moment, I try to dump also pkg and run the old pkg_xxx stuff again. Maybe something got corrupt when I swapped to pkgng or pkgng has a serious bug not capable of handling those situations. or I was too brave using the patched portmaster in the first place, which compromised my installation and the problems I face now are a consequnce of some hidden problems elsewere ... --------------enig4FE1AD6D68C1E6B590FC7107 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iQEcBAEBAgAGBQJQMrK/AAoJEOgBcD7A/5N8Zb4H/RHPjHHw3pNJnal3LV5EG2qH agVUMYPD+WCfXf46qUaYQg3PyGIKJuWyE0D/0xijiBRrNrM/vN441fo1yBZi40hZ K8yftehZX36fDEIGgRpyHF9Vn8RbxTVf78nnc1We4aGDcmw3j2DVlwP22s0uWtY0 tCmUX43zCq6j7YWin6WAiqlaO0aS7z8dofi8s8komEqfpgEPVgHfTyP7hp3yjZvz AihrqGiA5aWG9PxDbboB0P5mPPg/2dn+EeNpOIRkdfS6698OVR671U1Uh6trgBgp L7GiArvYLsdJLN5Oa9zlXlQIgvypZGWab3c/d+otA9iL/xi8pgzAdsCLFpdatV8= =Pni3 -----END PGP SIGNATURE----- --------------enig4FE1AD6D68C1E6B590FC7107--