Bug 681351

Summary:	snmp-agent no longer works with Fedora 14
Product:	Red Hat Enterprise Linux 6	Reporter:	Nathan Kinder <nkinder>
Component:	389-ds-base	Assignee:	Rich Megginson <rmeggins>
Status:	CLOSED ERRATA	QA Contact:	Chandrasekar Kannan <ckannan>
Severity:	medium	Docs Contact:
Priority:	unspecified
Version:	6.1	CC:	benl, dpal, dyaffe, jgalipea, rmeggins
Target Milestone:	rc	Keywords:	screened
Target Release:	---
Hardware:	i686
OS:	Linux
Whiteboard:
Fixed In Version:	389-ds-base-1.2.8-0.6.rc1.el6	Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:	674852	Environment:
Last Closed:	2011-05-19 12:42:23 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	674852
Bug Blocks:	639035, 656390, 679210, 680575

Description Nathan Kinder 2011-03-01 21:40:59 UTC

+++ This bug was initially created as a clone of Bug #674852 +++

Description of problem:
snmp-agent crashes when lauching.

Version-Release number of selected component (if applicable):
389-admin-console-1.1.5-1.fc14.noarch
fc14.i686389-ds-base-1.2.8-0.1.a1.fc14.i686
389-console-1.1.4-1.fc14.noarch
389-admin-1.1.14-1.fc14.i686
389-admin-console-doc-1.1.5-1.fc14.noarch
389-dsgw-1.1.6-1.fc14.i686
389-ds-console-1.2.3-1.fc14.noarch
389-ds-console-doc-1.2.3-1.fc14.noarch
389-adminutil-1.1.13-1.fc14.i686
389-ds-1.2.1-1.fc14.noarch

How reproducible:
start dirsrv-snmp

Steps to Reproduce:
1. configure /etc/dirsrv/config/ldap-agent.conf to refer to the proper directory instance
2. start the snmp agent.
3.
  
Actual results:
using service dirsrv-snmp start, the standard [FAILED] message is displayed.
/var/log/messages contains the following:
Feb  3 08:31:06 daisy kernel: [71624.891859] ldap-agent-bin[29793]: segfault at 0 ip 00abd978 sp bfdf5684 error 6 in libc-2.12.90.so[a44000+18d000]
Feb  3 08:31:06 daisy abrt[29796]: saved core dump of pid 29793 (/usr/sbin/ldap-agent-bin) to /var/spool/abrt/ccpp-1296743466-29793.new/coredump (991232 bytes)
Feb  3 08:31:06 daisy abrtd: Directory 'ccpp-1296743466-29793' creation detected
Feb  3 08:31:06 daisy abrtd: Crash is in database already (dup of /var/spool/abrt/ccpp-1296671123-3787)
Feb  3 08:31:06 daisy abrtd: Deleting crash ccpp-1296743466-29793 (dup of ccpp-1296671123-3787), sending dbus signal

Expected results:
The SNMP agent starts. With version 1.2.7, the SNMP agent started when selinux was disabled.

Additional info:
System is a new installation of Fedora 14, with all patches applied.

manually launching snmp agent results:
[root@daisy ~]# sh -x ldap-agent -D /etc/dirsrv/config/ldap-agent.conf
+ LIB_DIR=:::
+ BIN_DIR=/usr/sbin
+ COMMAND=ldap-agent-bin
+ MIBS=
+ export MIBS
+ LD_LIBRARY_PATH=:::
+ export LD_LIBRARY_PATH
+ PATH=/usr/sbin
+ export PATH
+ ORIGINAL_IFS='
'
+ IFS=:
+ for dir in '${PATH}'
+ '[' -x /usr/sbin/ldap-agent-bin ']'
+ IFS='
'
+ /usr/sbin/ldap-agent-bin -D /etc/dirsrv/config/ldap-agent.conf
/usr/sbin/ldap-agent: line 48: 29813 Segmentation fault      (core dumped) ${dir}/${COMMAND} "$@"
+ exit 139

--- Additional comment from nkinder on 2011-02-03 12:48:34 EST ---

I am unable to reproduce the crash on my fully updated F14 system.  Please install the 389-ds-base-debuginfo package and launch ldap-agent-bin manually from gdb.  You should be able to generate a stack trace so we can see what is going on.

--- Additional comment from andrej on 2011-02-23 14:11:08 EST ---

Created attachment 480557 [details]
Simple fix for segfault in ldap-agent-bin

I have also stumbeled on this bug this morning. The bug is caused by uninitialized buflen variable in ldap/servers/snmp/main.c, function load_config().

It's triggered by a call to ldif_read_record, which checks for buflen and reallocates memory if needed. As buflen isn't properly initialized to 0, this means the method randomly (or in my case not so randomly) segfaults while reading dse.ldif configuration of server instance.

I have attached a patch to fix this bug.

Comment 1 Nathan Kinder 2011-03-01 22:36:31 UTC

Pushed to 389-ds-base-1.2.8 branch.

Counting objects: 11, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 615 bytes, done.
Total 6 (delta 5), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   a36c6df..1ba8420  128-local -> 389-ds-base-1.2.8

Comment 3 Chandrasekar Kannan 2011-04-17 19:30:40 UTC

Verified..no crash observed on rhel6.1

[root@ds90-rhel6-32vm ~]# rpm  -q 389-ds-base
389-ds-base-1.2.8.2-1.el6.i686
[root@ds90-rhel6-32vm ~]# cat /etc/dirsrv/config/ldap-agent.conf
# The agentx-master setting defines how to communicate
# with the SNMP master agent using the AgentX protocol.
# The default is to use a UNIX domain socket.  If your
# master agent is listening on a tcp port for AgentX
# subagents, use a line like the following:
#
# agentx-master localhost:705
agentx-master /var/agentx/master

# The agent-logdir settings defines where the subagent
# will write it's logfile.
agent-logdir /var/log/dirsrv

# The server setting specifies a Directory Server
# instance that you want to monitor. You must use one
# server setting for each Directory Server instance. The
# subagent requires at least one server setting to be
# specified. The server setting
# should be set to the name of the Directory Server
# instance you would like to monitor. For example:
# 
server slapd-ds90
# 
# To monitor multiple Directory Server instances,  add
# an additional server parameter for each instance:
# 
# server slapd-phonebook
# server slapd-example
# server slapd-directory

[root@ds90-rhel6-32vm ~]# sh -x ldap-agent -D /etc/dirsrv/config/ldap-agent.conf
+ BIN_DIR=/usr/sbin
+ COMMAND=ldap-agent-bin
+ MIBS=
+ export MIBS
+ libpath_add ''
+ '[' -z '' ']'
+ return
+ libpath_add ''
+ '[' -z '' ']'
+ return
+ libpath_add ''
+ '[' -z '' ']'
+ return
+ libpath_add ''
+ '[' -z '' ']'
+ return
+ export LD_LIBRARY_PATH
+ PATH=/usr/sbin
+ export PATH
+ ORIGINAL_IFS=' 	
'
+ IFS=:
+ for dir in '${PATH}'
+ '[' -x /usr/sbin/ldap-agent-bin ']'
+ IFS=' 	
'
+ /usr/sbin/ldap-agent-bin -D /etc/dirsrv/config/ldap-agent.conf
ldap-agent: Started as pid 19109
+ exit 0
[root@ds90-rhel6-32vm ~]# ps -ef | grep -i agent
gdm       1784  1745  0 Apr10 ?        00:00:00 /usr/libexec/polkit-gnome-authentication-agent-1
root     19109     1  0 15:29 ?        00:00:00 /usr/sbin/ldap-agent-bin -D /etc/dirsrv/config/ldap-agent.conf
root     19111 16232  0 15:29 pts/1    00:00:00 grep -i agent
[root@ds90-rhel6-32vm ~]#

Comment 4 errata-xmlrpc 2011-05-19 12:42:23 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0533.html