Bug 548475
| Summary: | move openldap libraries from /usr/lib to /lib | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Eduard Benes <ebenes> |
| Component: | openldap | Assignee: | Jan Vcelak <jvcelak> |
| Status: | CLOSED ERRATA | QA Contact: | Ondrej Moriš <omoris> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.1 | CC: | jplans, jvcelak, mcrha, ohudlick, omoris, rvokal, tsmetana |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | openldap-2.4.23-13.el6 | Doc Type: | Bug Fix |
| Doc Text: |
- have diskless station with program which requires OpenLDAP libraries (e.g. audispd-zos-remote) and is used during the boot
- tool will fail as /usr/lib is not available at the boot time
- moved all OpenLDAP libraries from /usr/lib to /lib
- tools using OpenLDAP libraries on diskless stations can use these libraries even during boot
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-05-19 13:59:29 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 548479 | ||
This is actually not such a bad problem. The audit event dispatcher will attempt to restart the plugin when it has an event to report. So, under normal operations, the plugin should get started when the next event arrives which would be after the disks are mounted. Not sure what to do about this bug. In a way, this is a problem. But its not an audit package problem. IOW, the work would have to be done on 2 different packages and we would need 2 bz for that. I don't think we are moving libraries around this late in RHEL5's life, too. I would suggest closing this bug or moving it to RHEL6 where we can do something about it. I agree, there is no point in making this kind of change in RHEL5 in its current life phase. I'm moving this bug to RHEL6, I believe this change can occur in RHEL-6.1. Fixed in: openldap-2.4.23-5.el6
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
- have diskless station with program which requires OpenLDAP libraries (e.g. audispd-zos-remote) and is used during the boot
- tool will fail as /usr/lib is not available at the boot time
- moved libldap, libldap_r and liblber libraries from /usr/lib to /lib
- tools using OpenLDAP libraries on diskless stations can use these libraries even during boot
Symlinks for openldap-devel were left in /usr/lib. Realy fixed in: openldap-2.4.23-6.el6 I suppose this change may fix my issue with evolution-data-server, which is using evolution-openldap. The RPMdiff failed [1] with removed ABI symbols from ldap, because evolution-data-server is linking ldap libraries statically. I noticed in build.log of [2] (after this RPMdiff failure notice) that the evolution-data-server is configured with > --with-openldap=/usr/lib/evolution-openldap --with-static-ldap and then later in the log > checking for OpenLDAP... /usr/lib/evolution-openldap > ... > checking for ldap_open in -lldap... no > checking for ldap_ntlm_bind... no which results in: > LDAP support: /usr/lib/evolution-openldap (static) but > configure: WARNING: > No NTLM support in OpenLDAP; Plaintext password authentication will be > used when connecting to the Exchange Global Catalog server. Consider > installing the evo-openldap package, or building OpenLDAP with the > patch in servers/exchange/docs/openldap-ntlm.diff The warning may not be there, same as the ABI change reported by RPMdiff might not be there. Evolution-data-server build from 2011-01-10 against openldap-devel-2.4.19-15.el6 works correctly, but build from 2011-01-17 against openldap-devel-2.4.23-4.el6 doesn't work. Same as the latest build [3], which is also against 2.4.23-4. Can we get the latest openldap package to the build root, please? [1] https://errata.devel.redhat.com/rpmdiff/show/47337 [2] http://download.devel.redhat.com/brewroot/packages/evolution-data-server/2.28.3/14.el6/data/logs/i686/ [3] https://brewweb.devel.redhat.com/taskinfo?taskID=3079160 OK, I asked rel-eng to tag newer openldap for a build, and it didn't help. When the evolution-data-server is built against openldap-devel-2.4.23-8.el6 then it suffers with the same issue. So what now, do you want a new bug report? Oops, I forgot to update this. The latest evolution-data-server-2.28.3-15.el6 builds fine, the problem was with nss not being used when compiling exchange parts of eds, if I recall correctly. Jan, please move also libldif-2.4.so.* from /usr/lib{,64} to /lib{,64}. It is
just a "cosmetic" issue, but it would be nice if all libraries were placed in
the same location. A symlink in /usr/lib{,64} might be created as well.
Technical note updated. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
Diffed Contents:
@@ -1,4 +1,4 @@
- have diskless station with program which requires OpenLDAP libraries (e.g. audispd-zos-remote) and is used during the boot
- tool will fail as /usr/lib is not available at the boot time
-- moved libldap, libldap_r and liblber libraries from /usr/lib to /lib
+- moved all OpenLDAP libraries from /usr/lib to /lib
- tools using OpenLDAP libraries on diskless stations can use these libraries even during boot
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0673.html |
Description of problem: Currently /sbin/audispd-zos-remote relies on several libs in /usr. Moving those libraries from /usr/lib{,64}/ -> to /lib{,64} should be considered for disk-less systems and possible security issues. Version-Release number of selected component (if applicable): audispd-plugins-1.7.17-3.el5 How reproducible: always Steps to Reproduce: 1. run tps-rpmtest on the audit package [1] 2. check results for SharedLibTest Actual results: audispd-plugins-1.7.17-3.el5.ppc: /sbin/audispd-zos-remote relies on libs in /usr: libldap-2.3.so.0 => /usr/lib/libldap-2.3.so.0 (0x0fc30000) liblber-2.3.so.0 => /usr/lib/liblber-2.3.so.0 (0x0ffa0000) libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x0ed30000) (3 of 7 libs shown) Expected results: TBD Additional info: There are similar bugs for rsyslog and other packages. For example Bug 544328, Bug 544317, and others. [1] - http://wiki.test.redhat.com/ReferenceManual/Tps [2] - http://nest.test.redhat.com/mnt/qa/scratch/ppcp-5s-m1/2009:9184/tps/tps-rpmtest.html