Bug 790491

Summary: 389 DS Segfaults during replica install in FreeIPA
Product: Red Hat Enterprise Linux 6 Reporter: Rich Megginson <rmeggins>
Component: 389-ds-baseAssignee: Rich Megginson <rmeggins>
Status: CLOSED ERRATA QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.3CC: amsharma, ckannan, jgalipea, nkinder, syeghiay
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 389-ds-base-1.2.10.1-1.el6 Doc Type: Bug Fix
Doc Text:
Cause: Doing a replica initialization. Consequence: Server crashes. Fix: A NULL pointer dereference was found and fixed that would occur under certain conditions during replica initialization. Result: Server does not crash during replica initialization.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-20 07:14:46 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rich Megginson 2012-02-14 16:31:53 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/389/ticket/294

ipa-replica-install /var/lib/ipa/replica-info-auth1.qai.expertcity.com.gpg 
Directory Manager (existing master) password: 

Run connection check to master
Check connection from replica to remote master 'authmgr1.ops.expertcity.com':
   Directory Service: Unsecure port (389): OK
   Directory Service: Secure port (636): OK
   Kerberos KDC: TCP (88): OK
   Kerberos KDC: UDP (88): OK
   Kerberos Kpasswd: TCP (464): OK
   Kerberos Kpasswd: UDP (464): OK
   HTTP Server: Unsecure port (80): OK
   HTTP Server: Secure port (443): OK

Connection from replica to master is OK.
Start listening on required ports for remote master check
Get credentials to log in to remote master
admin password: 

Execute check on remote master
Check connection from master to remote replica 'auth1.qai.expertcity.com':
   Directory Service: Unsecure port (389): OK
   Directory Service: Secure port (636): OK
   Kerberos KDC: TCP (88): OK
   Kerberos KDC: UDP (88): OK
   Kerberos Kpasswd: TCP (464): OK
   Kerberos Kpasswd: UDP (464): OK
   HTTP Server: Unsecure port (80): OK
   HTTP Server: Secure port (443): OK

Connection from master to replica is OK.

Connection check OK
Configuring ntpd
  [1/4]: stopping ntpd
  [2/4]: writing configuration
  [3/4]: configuring ntpd to start on boot
  [4/4]: starting ntpd
done configuring ntpd.
Configuring directory server: Estimated time 1 minute
  [1/29]: creating directory server user
  [2/29]: creating directory server instance
  [3/29]: adding default schema
  [4/29]: enabling memberof plugin
  [5/29]: enabling referential integrity plugin
  [6/29]: enabling winsync plugin
  [7/29]: configuring replication version plugin
  [8/29]: enabling IPA enrollment plugin
  [9/29]: enabling ldapi
  [10/29]: configuring uniqueness plugin
  [11/29]: configuring uuid plugin
  [12/29]: configuring modrdn plugin
  [13/29]: enabling entryUSN plugin
  [14/29]: configuring lockout plugin
  [15/29]: creating indices
  [16/29]: configuring ssl for ds instance
  [17/29]: configuring certmap.conf
  [18/29]: configure autobind for root
  [19/29]: configure new location for managed entries
  [20/29]: restarting directory server
  [21/29]: setting up initial replication
Starting replication, please wait until this has completed.
Update in progress
Update in progress
Update in progress
Update in progress
Update in progress
Update in progress
[authmgr1.ops.expertcity.com] reports: Update failed! Status: [-2 Total update abortedSystem error]
creation of replica failed: Failed to start replication

Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
Comment 3 Rich Megginson 2012-04-16 21:00:14 UTC 
steps to verify - verify no regressions/crashes during mmr acceptance, stress, long duration, etc.
Comment 4 Amita Sharma 2012-05-24 11:32:45 UTC 
no regression noticed, marking as VERIFIED.
Comment 5 Rich Megginson 2012-05-24 23:43:02 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause: Doing a replica initialization.
Consequence: Server crashes.
Fix: A NULL pointer dereference was found and fixed that would occur under certain conditions during replica initialization.
Result: Server does not crash during replica initialization.
Comment 6 errata-xmlrpc 2012-06-20 07:14:46 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0813.html