misc/77574: nss_ldap locks out when cd'ing to seemingly random user homedirs

Tue Feb 15 13:10:08 PST 2005

>Number:         77574
>Category:       misc
>Synopsis:       nss_ldap locks out when cd'ing to seemingly random user homedirs
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Feb 15 21:10:07 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Nathan Vidican
>Release:        5.3-RELEASE / AMD64 / AMD Opteron
>Organization:
Windsor Match Plate & Tool Ltd.
>Environment:
FreeBSD wmptl.net 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov  5 03:50:01 UTC 2004     root at fanboy.samsco.home:/usr/obj/usr/src/sys/GENERIC  amd64
>Description:
Running pam_ldap & nss_ldap, with all users, groups, samba/posix account information stored in ldap db. Using OpenLDAP from ports tree, as well as nss_ldap and pam_ldap too.

Execute: cd ~someusername, regardless of uid (have changed uids, re-created ldap entries, etc), some (seemingly random) uids hang and lock out the system console. 

Output is as follows:

wmptl# cd ~kmcneil/
0Àcºdc=wmptl,dc=net

 -£
   objectclass
              posixAccount£uidkmcneil0iuid
homeDirectory                             userPassword  uidNumber       gidNumbercn
loginShellgecos
               description
                          objectClass
(END OF SNIPPET)
At this point, only a [CRTL] + D command will release the user back to thier shell. This causes lockups and problems running samba, qpopper, and sendmail while they attempt to open/find files within a homedir.
>How-To-Repeat:
Install base 5.3-RELEASE/amd64, install nss_ldap, pam_ldap, openLDAP server/client from ports tree.

Configure database of several users (currently ours has about 200), attempt as root (or priveledged user to cd into other user's homedirs) using 'cd ~username'.
>Fix:
Unknown, googl'ing reveals many other people with similar problem, but no solution I've been able to find as of yet. FreeBSD problem report search reveals nothing of relevance yet either.
>Release-Note:
>Audit-Trail:
>Unformatted: