I just set up an ldap server in a jail and have run into a snag. I'm mainly using ldap for authorization services. I'm running a roughly ywo month old installation of FreeBSD 8.2.
I installed the openldap24-server port and configured a few test accounts in the directory. I configured another jail to use pam_ldap and nss_ldap to authenticate telnet sessions against the directory. I found out rather quickly that each time I try to authenticate against the directory it crashes with a SIGSEGV.
In order to rule out the client jail, I configured a Linux machine to authenticate console logins against the directory, and the server crashes just the same when queried by the Linux machine.
The directory does authenticate sessions though. The Linux machine is able to authenticate against the directory just fine, but slapd seg faults during many of the transactions. It faults much more often when the client is the FreeBSD jail, but even when the Linux machine is the client the server won't last 10 sessions before crashing.
I can run ldapsearch and get results, but the server also randomly seg fault on searches. There is no indication in any logs of the cause. I've run the debug level up to 9 and it always fails at the same place.
The following is the end of a session where I used id to query the directory for a user account a few times. The last one is when the server crashes, returning no name for the groups.
I've deinstalled and recompiled the port more than once with no change. Anybody have any ideas?
I installed the openldap24-server port and configured a few test accounts in the directory. I configured another jail to use pam_ldap and nss_ldap to authenticate telnet sessions against the directory. I found out rather quickly that each time I try to authenticate against the directory it crashes with a SIGSEGV.
In order to rule out the client jail, I configured a Linux machine to authenticate console logins against the directory, and the server crashes just the same when queried by the Linux machine.
The directory does authenticate sessions though. The Linux machine is able to authenticate against the directory just fine, but slapd seg faults during many of the transactions. It faults much more often when the client is the FreeBSD jail, but even when the Linux machine is the client the server won't last 10 sessions before crashing.
I can run ldapsearch and get results, but the server also randomly seg fault on searches. There is no indication in any logs of the cause. I've run the debug level up to 9 and it always fails at the same place.
The following is the end of a session where I used id to query the directory for a user account a few times. The last one is when the server crashes, returning no name for the groups.
Code:
user@linux:~$ id test
uid=10001(test) gid=10001(test) groups=10001(test)
user@linux:~$ id test
uid=10001(test) gid=10001(test) groups=10001
Code:
=> bdb_equality_candidates (objectClass)
=> key_read
<= bdb_index_read: failed (-30989)
<= bdb_equality_candidates: id=0, first=0, last=0
=> bdb_equality_candidates (objectClass)
=> key_read
<= bdb_index_read 3 candidates
<= bdb_equality_candidates: id=3, first=5, last=9
=> bdb_equality_candidates (memberUid)
<= bdb_equality_candidates: (memberUid) not indexed
=> bdb_equality_candidates (uniqueMember)
<= bdb_equality_candidates: (uniqueMember) not indexed
bdb_search_candidates: id=3 first=5 last=9
bdb_search: 5 does not match filter
bdb_search: 7 does not match filter
bdb_search: 9 does not match filter
send_ldap_result: conn=1003 op=5 p=3
send_ldap_response: msgid=6 tag=101 err=0
ber_flush2: 51 bytes to sd 10
daemon: activity on 1 descriptor
daemon: activity on: 10r
daemon: read activity on 10
Segmentation faultI've deinstalled and recompiled the port more than once with no change. Anybody have any ideas?
