Bug 1663566
| Summary: | [RGW-LDAP]: segfault in ExternalAuthStrategy constructor when no LDAP secret file configured | ||
|---|---|---|---|
| Product: | [Red Hat Storage] Red Hat Ceph Storage | Reporter: | Matt Benjamin (redhat) <mbenjamin> |
| Component: | RGW | Assignee: | Matt Benjamin (redhat) <mbenjamin> |
| Status: | CLOSED ERRATA | QA Contact: | Tejas <tchandra> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 3.2 | CC: | anharris, cbodley, ceph-eng-bugs, kbader, mbenjamin, sweil, tchandra, tserlin |
| Target Milestone: | z1 | ||
| Target Release: | 3.2 | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Fixed In Version: | RHEL: ceph-12.2.8-76.el7cp Ubuntu: ceph_12.2.8-61redhat1 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-03-07 15:51:27 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0475 |
Description of problem (from Ceph tracker issues): """ The default configuration for rgw_ldap_secret seems to be set to /etc/openldap/secret, which on my system is empty: ceph-conf -D | grep ldap rgw_ldap_binddn = uid=admin,cn=users,dc=example,dc=com rgw_ldap_dnattr = uid rgw_ldap_searchdn = cn=users,cn=accounts,dc=example,dc=com rgw_ldap_searchfilter = rgw_ldap_secret = /etc/openldap/secret rgw_ldap_uri = ldaps://<ldap.your.domain> rgw_s3_auth_use_ldap = false cat /etc/openldap/secret cat: /etc/openldap/secret: No such file or directory The code assumes that if it is set, the named file has content. Since it doesn’t, safe_read_file() asserts. I set it to nothing (rgw_ldap_secret = ) in my configuration, and everything seems happy. """