Bug#381153: [Pkg-openldap-devel] Bug#381153: slapd: Upgrade to
2.3.24-2 breaks system when using libnss-ldap
Matthijs Mohlmann
matthijs at cacholong.nl
Wed Aug 2 17:44:30 UTC 2006
severity 381153 important
merge 381153 380658
thanks
On Wed, 02 Aug 2006 16:15:39 +0100
Paul LeoNerd Evans <leonerd at leonerd.org.uk> wrote:
> Package: slapd
> Version: 2.3.24-2
> Severity: critical
> Justification: breaks the whole system
>
> I have users stored in LDAP, using libnss-ldap and libpam-ldap. The
> upgrade process to install 2.3.24-2 tries to stop slapd, then run
> "useradd" to create the required user to run as, then start it again.
> Because my user list is in LDAP, this all breaks. slapd is now
> unstartable.
>
> Furthermore, no user can log in to any terminal, nor can any existing
> shells "su", or "sudo". PAM-ldap becomes unusable. Fortunately for me,
> root is still in /etc/{passwd,shadow}, so I was able to ssh as root to
> fix it. Were that not the case, the only way out of this is a hard
> reboot, passing
>
> init=/bin/sh
>
> to GRUB/LILO, and manually fixing things from there.
>
> I believe this total failure of ability to log in justifies the critical
> classification, but I accept that it only happens in the non-default
> case of passwd/group being LDAP-based.
>
>
Please check next time the bug page of slapd again, there are already 3
bug reports with this problem available: #379728, #380620 and #380658
This is also not really a bug in OpenLDAP bug in libnss-ldap which has a few different settings that can cause this kind of breakage.
Regards,
Matthijs Mohlmann
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20060802/6ccdda3b/signature-0001.pgp
More information about the Pkg-openldap-devel
mailing list