Date: Mon, 20 Aug 2012 23:57:14 +0200 From: "O. Hartmann" <ohartman@zedat.fu-berlin.de> To: Adam McDougall <mcdouga9@egr.msu.edu> Cc: freebsd-current@freebsd.org Subject: Re: OpenLDAP/SASL2 problem in FreeBSD 10.0-CURRENT WAS: Re: HELP! core dumps: install, mtree, et cetera all of the sudden after portmaster security/cyrus-sasl2 Message-ID: <5032B2BA.9090204@zedat.fu-berlin.de> In-Reply-To: <502FFBAF.50003@egr.msu.edu> References: <502D12C0.2060405@zedat.fu-berlin.de> <CAGH67wRLe9KKM5H_go_6Nj4nZP-Subdcn53LV8C=Zi3KZhp13Q@mail.gmail.com> <502F4D46.60907@zedat.fu-berlin.de> <502FFBAF.50003@egr.msu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig4FE1AD6D68C1E6B590FC7107 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Am 08/18/12 22:31, schrieb Adam McDougall: > On 8/18/2012 4:07 AM, O. Hartmann wrote: >> My setups on all boxes using OpenLDAP, the port >> net/opendldap24-client/server has security/cyrus-sasl2 enabled. >> I use nsswitch and nascd. >> >> The problem: >> I can not anymore install or reinstall (using portmaster, patched for >> pkgng) the ports >> >> security/cyrus-sasl2 >> net/openldap24-client >> >> When performing an update (no matter which one), The installation >> process dies when installing the packages (see error for openldap-clei= nt >> below, it is proxy for cyrus-sasl2 also). >> >> After a failed installation, close to all binaries I touch start to >> coredump in a mustang way. ls(1) works, but ls -la dumps core (resolvi= ng >> the ownership-issue?). >> >> The only way to "save" the box is to copy missing libldap_r-2.4.so.8 o= r >> libsasl2.so.2 to /usr/local/lib/ from another, compatible box or from = a >> backup. >> >> It is impossible to me to update/reinstall either net/openldap24-clien= t >> or security/cyrus-sasl2. >> >> =3D=3D=3D> Installing for openldap-sasl-client-2.4.32_1 >> =3D=3D=3D> Generating temporary packing list >> Segmentation fault (core dumped) >> *** [install-mtree] Error code 139 >> > What happens if you disable both LDAP and cache support from NSS before= > upgrading either of those two packages? Installing files certainly mus= t > invoke functions that need to translate owners/groups to uid/gid so per= haps > something related to that suddenly fails during an attempt to replace > the library. It sounds like if your LDAP support becomes corrupt, then= > it leaves a gaping hole in the NSS critical path that many parts of the= > system must be using. When you run into this situation and can resolve= > it easily by replacing the old ldap library, is the old one corrupt? > Missing? Can you save a copy for evaluation? Does your system break i= n > a similar manner simply by renaming the LDAP library, or does it behave= > worse only if there is a faulty LDAP library being used by nss_ldap? I see the same issue in single user mode, when nscd isn't running. But /etc/pam.d/system delegates to LDAP for non-local id. When the issues arise, the open ldap library libldap_r.so isn't available anymore because something run wrong during the update. I dumped portmaster, use portupgrade at the moment. It seems, that this works so far, no matter why. When that happened (also with libsasl2.so, the same), I have to use /rescue/tar to extract the backup found in /usr/ports/packages/portmaster-backup/. bsdtar also fails. I can't say the LDAP lib is worse. It is simply missing after the installation ran rogue. At the moment, I try to dump also pkg and run the old pkg_xxx stuff again. Maybe something got corrupt when I swapped to pkgng or pkgng has a serious bug not capable of handling those situations. or I was too brave using the patched portmaster in the first place, which compromised my installation and the problems I face now are a consequnce of some hidden problems elsewere ... --------------enig4FE1AD6D68C1E6B590FC7107 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iQEcBAEBAgAGBQJQMrK/AAoJEOgBcD7A/5N8Zb4H/RHPjHHw3pNJnal3LV5EG2qH agVUMYPD+WCfXf46qUaYQg3PyGIKJuWyE0D/0xijiBRrNrM/vN441fo1yBZi40hZ K8yftehZX36fDEIGgRpyHF9Vn8RbxTVf78nnc1We4aGDcmw3j2DVlwP22s0uWtY0 tCmUX43zCq6j7YWin6WAiqlaO0aS7z8dofi8s8komEqfpgEPVgHfTyP7hp3yjZvz AihrqGiA5aWG9PxDbboB0P5mPPg/2dn+EeNpOIRkdfS6698OVR671U1Uh6trgBgp L7GiArvYLsdJLN5Oa9zlXlQIgvypZGWab3c/d+otA9iL/xi8pgzAdsCLFpdatV8= =Pni3 -----END PGP SIGNATURE----- --------------enig4FE1AD6D68C1E6B590FC7107--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5032B2BA.9090204>