[Pkg-openldap-devel] Bug#597704: On upgrade to 2.4.23-5 an rm -f /* has been executed and crashed my whole system!

Matthijs Mohlmann matthijs at cacholong.nl
Wed Sep 22 11:41:52 UTC 2010 

tags + moreinfo
thanks

On Sep 22, 2010, at 1:15 PM, Joerg Friedrich wrote:

> Package: slapd
> Version: 2.4.23-5
> Severity: critical
> 
> After the last upgrade of slapd my complete sytem was unusable because
> the update ran a rm -f /*.
> 
> this fortunatly was not able to delete the directory bin, sbin, home,
> var, ... but it deleted the symlink lib64 -> lib (amd64 system) and then
> the linker was not able to find some libraries so the system was
> unusable. I was able to recover the link by boot cd, so I think I did
> not lose any data.
> 
> Background: I installed slapd on my desktop for testing with
> ldapbackend. I just did a straight installation of slapd but I changed
> slapd.conf afterwards to use the ldap-backend.
> During the upgrade either slapd.config or slapd.postinst failed and
> tried to delete the database directory but since my slapd.conf did not
> contain any directory statement any more get_directory returned nothing
> and $dbdir was emtpy. So instead of rm -f "$dbdir"/* it ran  rm -f /*!
> 
> Please add a test that checks if $dbdir has any value!
> 
> Btw: I think rm -f "$dbdir"/* can run into MAX_ARGS. maybe using find
> .... -delete would be better
> 
> 
> 
> -- System Information:
> Debian Release: squeeze/sid
>  APT prefers testing
>  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 2.6.34-1-amd64 (SMP w/2 CPU cores)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> 
> Versions of packages slapd depends on:
> ii  adduser                   3.112          add and remove users and groups
> ii  coreutils                 8.5-1          GNU core utilities
> ii  debconf [debconf-2.0]     1.5.35         Debian configuration management sy
> ii  libc6                     2.11.2-5       Embedded GNU C Library: Shared lib
> ii  libdb4.8                  4.8.30-2       Berkeley v4.8 Database Libraries [
> ii  libgnutls26               2.8.6-1        the GNU TLS library - runtime libr
> ii  libldap-2.4-2             2.4.23-5       OpenLDAP libraries
> ii  libltdl7                  2.2.6b-2       A system independent dlopen wrappe
> ii  libperl5.10               5.10.1-14      shared Perl library
> ii  libsasl2-2                2.1.23.dfsg1-6 Cyrus SASL - authentication abstra
> ii  libslp1                   1.2.1-7.8      OpenSLP libraries
> ii  libwrap0                  7.6.q-19       Wietse Venema's TCP wrappers libra
> ii  lsb-base                  3.2-23.1       Linux Standard Base 3.2 init scrip
> ii  perl [libmime-base64-perl 5.10.1-14      Larry Wall's Practical Extraction 
> ii  psmisc                    22.11-1        utilities that use the proc file s
> ii  unixodbc                  2.2.14p2-1     ODBC tools libraries
> 
> Versions of packages slapd recommends:
> ii  libsasl2-modules          2.1.23.dfsg1-6 Cyrus SASL - pluggable authenticat
> 
> Versions of packages slapd suggests:
> ii  ldap-utils                    2.4.23-5   OpenLDAP utilities
> -

Hi Joerg,

Can you supply a configuration file (/etc/ldap/slapd.conf) ?
Make sure there is no confidential information in that file.

Furthermore, can you supply the debconf information ?

Regards,

Matthijs Mohlmann

More information about the Pkg-openldap-devel mailing list