Bug 431798

Summary: After setup of ipa-client on rhel5, cannot ssh to client as root.
Product: [Retired] freeIPA Reporter: Michael Gregg <mgregg>
Component: ipa-clientAssignee: Simo Sorce <ssorce>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: benl, nalin, ssorce
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: freeipa-2.0.0-1.fc15 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 429034    

Description Michael Gregg 2008-02-07 00:12:30 UTC 
Description of problem:
After setup of ipa-client on rhel5, cannot ssh to host as root.

Version-Release number of selected component (if applicable):

ssh 10.14.0.132 -o GSSAPIAuthentication=no
Last login: Wed Feb  6 07:56:50 2008
sshd: ldap-nss.c:1312: do_init: Assertion
`cfg->ldc_uris[__session.ls_current_uri] != ((void *)0)' failed.
Connection to 10.14.0.132 closed.


How reproducible:
setup ipa-client on a rhel5 host. Set up DNS properly. Then ssh to the host.
  
Actual results:
ssh 10.14.0.132 -o GSSAPIAuthentication=no
Last login: Wed Feb  6 07:56:50 2008
sshd: ldap-nss.c:1312: do_init: Assertion
`cfg->ldc_uris[__session.ls_current_uri] != ((void *)0)' failed.
Connection to 10.14.0.132 closed.

Expected results:
ssh 10.14.0.132 

Additional info:
I had some ssh keys installed on the client in order for this to work.
Comment 1 Rob Crittenden 2008-02-08 16:44:02 UTC 
I believe that this will be fixed if you install and configure ipa-client on the
IPA server.
Comment 2 Simo Sorce 2008-02-08 17:06:47 UTC 
This is a bug in nss_ldap.
Comment 3 Simo Sorce 2008-02-08 17:43:54 UTC 
Btw this bug was already captured by 430018, but disguised under a DHCP error
that was not FreeIPA fault and was therefore closed.
Comment 4 Nalin Dahyabhai 2008-02-08 18:22:49 UTC 
Which versions of nss_ldap and sshd were installed?  What did their
configuration files look like?
Comment 5 Chandrasekar Kannan 2008-03-25 19:02:24 UTC 
QE reporting that this problem is not seen anymore. 
marking bug to modified so that we can re-verify this during our
bug verification phase. 

this is per last week's bug council.
Comment 6 Yi Zhang 2008-04-02 21:42:14 UTC 
qa verified, bug closed
build used: 4-2-2008 daily build