Bug 460307

Summary: Removing openldap-devel breaks sudo command
Product: Red Hat Enterprise Linux 5 Reporter: Jan Safranek <jsafrane>
Component: openldapAssignee: Jan Safranek <jsafrane>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 5.3CC: jplans, psklenar, rvokal
Target Milestone: rc   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-20 20:53:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan Safranek 2008-08-27 14:15:51 UTC 
+++ This bug was initially created as a clone of Bug #240253 +++

My latest run of 'yum update' included an update for openldap-devel. Since I
don't plan to do any development related to ldap I removed the package 'using
rpm -e openldap-devel'. I then discovered I could no longer use the 'sudo'
command. The sudo command would give me the message:

sudo: error while loading shared libraries: libldap-2.3.so.0: cannot open shared
object file: No such file or directory

When I re-install the openldap-devel package I am able to use the sudo command
once more.

The above happens consistently. When I remove openldap-devel I no longer have
the /usr/lib/libldap.so file and can't run sudo. When I install openldap-devel I
can use the sudo command.

--- Additional comment from jsafrane on 2007-05-16 04:13:18 EDT ---

Thank you for the bug report. There is just missing 'ldconfig' in %postun of
openldap-devel.

You can safely remove openldap-devel, but afterwards you must manually call
ldconfig as root:
rpm -e openldap-devel
ldconfig

I'll fix it in next release of openldap rpms.
Comment 1 RHEL Program Management 2008-08-27 14:31:50 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 4 Jan Safranek 2008-08-29 11:05:24 UTC 
Apart from the problem described above, OpenLDAP uses libldap.so as name of ldap library and it confuses ldconfig - it can create links during package update as follows:
libldap-2.3.so.0 -> libldap.so
/usr/lib64/libldap.so -> libldap-2.3.so.0.2.31

The same applies to libldap and libldap_r.

This is perfectly working, only "rpm -V openldap" complains about wrong links:
....L...   /usr/lib64/liblber-2.3.so.0
....L...   /usr/lib64/libldap-2.3.so.0
....L...   /usr/lib64/libldap_r-2.3.so.0

The correct way how to fix it is to rename libldap.so to libldap-2.3.so, but doing that might break customers setup, they are used to have libldap.so.
Comment 8 errata-xmlrpc 2009-01-20 20:53:29 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0090.html