[Pkg-openldap-devel] Bug#548408: [slapd] missing entropy, caused by failed access to /dev/(u)random

Steffen Moeller steffen_moeller at gmx.de
Sat Sep 26 07:59:24 UTC 2009 

Package: slapd
Version: 2.4.17-2
Severity: serious

Hello,

the message

Starting OpenLDAP: slapd - failed:                                                                                                                                          
Fatal: no entropy gathering module detected                                                                                                                                 

is cause by 

$ ls -l /dev/*random
crw-rw---- 1 root dialout 1, 8 26. Sep 09:41 /dev/random
crw-rw---- 1 root dialout 1, 9 26. Sep 09:42 /dev/urandom

and slapd being started as user 'openldap' but

$ grep openldap /etc/group
dialout:x:20:bayer,moeller,cupsys,chipcard
openldap:x:133:

openldap is not part of dialout or of anything else.

Adding openldap to dialout has fixed this for me - while nothaving any idea on why /dev/random cannot be read by everyone.

Cheers,

Steffen




-- System Information:
Debian Release: squeeze/sid
  APT prefers oldstable
  APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages slapd depends on:
ii  adduser                 3.111            add and remove users and groups
ii  coreutils               7.5-6            GNU core utilities
ii  debconf [debconf-2.0]   1.5.27           Debian configuration management sy
ii  libc6                   2.9-26           GNU C Library: Shared libraries
ii  libdb4.7                4.7.25-8         Berkeley v4.7 Database Libraries [
ii  libgnutls26             2.8.3-3          the GNU TLS library - runtime libr
ii  libldap-2.4-2           2.4.17-2         OpenLDAP libraries
ii  libltdl7                2.2.6a-4         A system independent dlopen wrappe
ii  libperl5.10             5.10.0-25        Shared Perl library
ii  libsasl2-2              2.1.23.dfsg1-1.1 Cyrus SASL - authentication abstra
ii  libslp1                 1.2.1-7.6        OpenSLP libraries
ii  libuuid1                2.16.1-3         Universally Unique ID library
ii  libwrap0                7.6.q-18         Wietse Venema's TCP wrappers libra
ii  lsb-base                3.2-23           Linux Standard Base 3.2 init scrip
ii  perl [libmime-base64-pe 5.10.0-25        Larry Wall's Practical Extraction 
ii  psmisc                  22.8-1           utilities that use the proc file s
ii  unixodbc                2.2.11-20        ODBC tools libraries

Versions of packages slapd recommends:
ii  libsasl2-modules        2.1.23.dfsg1-1.1 Cyrus SASL - pluggable authenticat

Versions of packages slapd suggests:
ii  ldap-utils                    2.4.17-2   OpenLDAP utilities

-- debconf information excluded

More information about the Pkg-openldap-devel mailing list