Message-Id: <200804141618.m3EGIJTq017011@roadrunner.spoerlein.net>
Date: Mon, 14 Apr 2008 18:18:19 +0200 (CEST)
From: Ulrich Spoerlein
To: FreeBSD-gnats-submit@FreeBSD.org
Cc: kazakov@gmail.com
Subject: ports/122750: nss_ldap: Not working correctly with OpenLDAP 2.4
List-Id: Ports bug reports

>Number:         122750
>Category:       ports
>Synopsis:       nss_ldap: Not working correctly with OpenLDAP 2.4
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 14 16:20:04 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Ulrich Spörlein
>Release:        FreeBSD 7.0-STABLE i386
>Organization:
>Environment:
The problem exists on 7.0 and 6.3, I think it is solely related to OpenLDAP 2.4
>Description:
Ever since I upgraded my LDAP servers to 2.4, *all* of them have some
classes of problems related to LDAP and NSS.

For example, during bootup, some assertions trigger (these are gone after
the system has finished boot-up)

Starting privoxy.
Assertion failed: (r != NULL), function ldap_parse_result, file error.c, line 272.
pid 1261 (csh), uid 201: exited on signal 6 (core dumped)

It is *always* privoxy that is affected. When I was still running
dbus/hald/policykit, they would crash on boot up too.

Once I've logged in, I can restart the services just fine. But logging in
is not working for 60-90 seconds after the getty prompt appears. I enter
my username, then it hangs for several seconds (20-30) and drops me back
to login with an LDAP error. The third try usually is the charm ...

One very annoying thing is that I continually get errors like this:

Apr 14 13:43:05 roadrunner sudo: nss_ldap: could not search LDAP server - Server is unavailable
Apr 14 13:43:05 roadrunner sudo: nss_ldap: could not search LDAP server - Server is unavailable
Apr 14 13:43:33 roadrunner xterm: nss_ldap: could not search LDAP server - Server is unavailable
Apr 14 13:43:34 roadrunner xterm: nss_ldap: could not search LDAP server - Server is unavailable
Apr 14 13:47:37 roadrunner sudo: nss_ldap: could not search LDAP server - Server is unavailable
Apr 14 13:47:40 roadrunner xterm: nss_ldap: could not search LDAP server - Server is unavailable
Apr 14 13:47:41 roadrunner xterm: nss_ldap: could not search LDAP server - Server is unavailable

Please note that LDAP and NSS are set up correctly and they *work*, the
message above is totally bogus!

Another weird thing that has started right around when I switched to
OpenLDAP 2.4 is that the groups for my user are gone when under X. Running
id(1) on the console lists all the groups I'm a member of. Running id(1)
inside an xterm I get *no* secondary groups. This is also true when
logging in via ssh. getent(1) on the other hand works fine.
>How-To-Repeat:
Upgrade your LDAP client installation from OpenLDAP 2.3 to 2.4. Rebuild
nss_ldap and pam_ldap ports.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: