OpenLDAP/SASL2 problem in FreeBSD 10.0-CURRENT WAS: Re: HELP!
core dumps: install, mtree, et cetera all of the sudden after portmaster
security/cyrus-sasl2
O. Hartmann
ohartman at zedat.fu-berlin.de
Mon Aug 20 21:57:21 UTC 2012
Am 08/18/12 22:31, schrieb Adam McDougall:
> On 8/18/2012 4:07 AM, O. Hartmann wrote:
>> My setups on all boxes using OpenLDAP, the port
>> net/opendldap24-client/server has security/cyrus-sasl2 enabled.
>> I use nsswitch and nascd.
>>
>> The problem:
>> I can not anymore install or reinstall (using portmaster, patched for
>> pkgng) the ports
>>
>> security/cyrus-sasl2
>> net/openldap24-client
>>
>> When performing an update (no matter which one), The installation
>> process dies when installing the packages (see error for openldap-cleint
>> below, it is proxy for cyrus-sasl2 also).
>>
>> After a failed installation, close to all binaries I touch start to
>> coredump in a mustang way. ls(1) works, but ls -la dumps core (resolving
>> the ownership-issue?).
>>
>> The only way to "save" the box is to copy missing libldap_r-2.4.so.8 or
>> libsasl2.so.2 to /usr/local/lib/ from another, compatible box or from a
>> backup.
>>
>> It is impossible to me to update/reinstall either net/openldap24-client
>> or security/cyrus-sasl2.
>>
>> ===> Installing for openldap-sasl-client-2.4.32_1
>> ===> Generating temporary packing list
>> Segmentation fault (core dumped)
>> *** [install-mtree] Error code 139
>>
> What happens if you disable both LDAP and cache support from NSS before
> upgrading either of those two packages? Installing files certainly must
> invoke functions that need to translate owners/groups to uid/gid so perhaps
> something related to that suddenly fails during an attempt to replace
> the library. It sounds like if your LDAP support becomes corrupt, then
> it leaves a gaping hole in the NSS critical path that many parts of the
> system must be using. When you run into this situation and can resolve
> it easily by replacing the old ldap library, is the old one corrupt?
> Missing? Can you save a copy for evaluation? Does your system break in
> a similar manner simply by renaming the LDAP library, or does it behave
> worse only if there is a faulty LDAP library being used by nss_ldap?
I see the same issue in single user mode, when nscd isn't running. But
/etc/pam.d/system delegates to LDAP for non-local id.
When the issues arise, the open ldap library libldap_r.so isn't
available anymore because something run wrong during the update.
I dumped portmaster, use portupgrade at the moment. It seems, that this
works so far, no matter why.
When that happened (also with libsasl2.so, the same), I have to use
/rescue/tar to extract the backup found in
/usr/ports/packages/portmaster-backup/. bsdtar also fails.
I can't say the LDAP lib is worse. It is simply missing after the
installation ran rogue.
At the moment, I try to dump also pkg and run the old pkg_xxx stuff
again. Maybe something got corrupt when I swapped to pkgng or pkgng has
a serious bug not capable of handling those situations. or I was too
brave using the patched portmaster in the first place, which compromised
my installation and the problems I face now are a consequnce of some
hidden problems elsewere ...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20120820/4eb2ee4c/signature.pgp
More information about the freebsd-current
mailing list