misc/77574: nss_ldap locks out when cd'ing to seemingly random user
homedirs
Nathan Vidican
nvidican at wmptl.com
Tue Feb 15 13:10:08 PST 2005
>Number: 77574
>Category: misc
>Synopsis: nss_ldap locks out when cd'ing to seemingly random user homedirs
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Feb 15 21:10:07 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Nathan Vidican
>Release: 5.3-RELEASE / AMD64 / AMD Opteron
>Organization:
Windsor Match Plate & Tool Ltd.
>Environment:
FreeBSD wmptl.net 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 03:50:01 UTC 2004 root at fanboy.samsco.home:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
Running pam_ldap & nss_ldap, with all users, groups, samba/posix account information stored in ldap db. Using OpenLDAP from ports tree, as well as nss_ldap and pam_ldap too.
Execute: cd ~someusername, regardless of uid (have changed uids, re-created ldap entries, etc), some (seemingly random) uids hang and lock out the system console.
Output is as follows:
wmptl# cd ~kmcneil/
0Àcºdc=wmptl,dc=net
-£
objectclass
posixAccount£uidkmcneil0iuid
homeDirectory userPassword uidNumber gidNumbercn
loginShellgecos
description
objectClass
(END OF SNIPPET)
At this point, only a [CRTL] + D command will release the user back to thier shell. This causes lockups and problems running samba, qpopper, and sendmail while they attempt to open/find files within a homedir.
>How-To-Repeat:
Install base 5.3-RELEASE/amd64, install nss_ldap, pam_ldap, openLDAP server/client from ports tree.
Configure database of several users (currently ours has about 200), attempt as root (or priveledged user to cd into other user's homedirs) using 'cd ~username'.
>Fix:
Unknown, googl'ing reveals many other people with similar problem, but no solution I've been able to find as of yet. FreeBSD problem report search reveals nothing of relevance yet either.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list