Mailinglist Archive: opensuse-bugs (4037 mails)

< Previous Next >
[Bug 710430] DNS problem with LDAP server

https://bugzilla.novell.com/show_bug.cgi?id=710430

https://bugzilla.novell.com/show_bug.cgi?id=710430#c11


Ralf Haferkamp <rhafer@xxxxxxxx> changed:

What |Removed |Added
----------------------------------------------------------------------------
Priority|P5 - None |P3 - Medium
Status|NEEDINFO |ASSIGNED
InfoProvider|qwatli@xxxxxxxxx |
Blocks| |715180
Severity|Normal |Major

--- Comment #11 from Ralf Haferkamp <rhafer@xxxxxxxx> 2011-08-31 12:16:52 CEST
---
I just submitted the ldapdump patch to Factory. While that fix is needed it is
however unlikely that it is really the cause of yast2 crashing.

Looking at /var/log/YaST/signal is seems to crash somewhere in
/usr/lib64/libldapcpp.so.1 (when called from the ldap-agent). One crash occure
e.g. on 2011-08-05 05:04:42 the corresponding y2logs can be found in
y2log-1.gz:

2011-08-05 05:04:25 <1> Creations(32256) [Perl]
modules/LdapServerAccess.pm(LdapServerAccess::AddLdapSchemas):90 Schemabase:
dnszone
2011-08-05 05:04:25 <1> Creations(32256) [Perl]
modules/LdapServerAccess.pm(LdapServerAccess::AddLdapSchemas):101 Schema
/etc/openldap/schema/dnszone.schema is already included
2011-08-05 05:04:25 <3> Creations(32256) [agent-ldap]
LdapAgent.cc(debug_exception):485 ldap error while starting TLS (-11): Connect
error
2011-08-05 05:04:25 <3> Creations(32256) [agent-ldap]
LdapAgent.cc(debug_exception):487 additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verif
y failed (self signed certificate in certificate chain)
2011-08-05 05:04:25 <1> Creations(32256) [ui]
YPushButton.cc(setFunctionKey):204 Guessing button role YOKButton for
YPushButton "OK" at 0x25d2208 from function key F10
2011-08-05 05:04:42 <1> Creations(32256) [Perl]
modules/DnsServer.pm(DnsServer::GetConfigurationStat):905 Stat of the file
'/etc/named.conf' is 'rights: 644, blocks: 16, size: 41
08, owner: 0:44 changed: 1312484041, modifyied: 1312484041'
2011-08-05 05:04:42 <1> Creations(32256) [Perl]
modules/DnsServer.pm(DnsServer::SaveGlobals):385 Deleting zones

So the hint for LdapServerAccess.pm was not that far off.
It seems that DnsServer::SaveGlobals() calls DnsZone::ZonesDeleteLdap() which
uses the ldap-agent. The ldap-agent however was unable to open a connection
(because of TLS problems) and somehow ends up using a stale LDAPConnection
Object.

This might be even a bug in libldapcpp. Still investigating.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >
References