Bug 1309964 - Crash in slapi_get_object_extension
Crash in slapi_get_object_extension
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: 389-ds-base (Show other bugs)
7.2
All Linux
urgent Severity urgent
: rc
: ---
Assigned To: Noriko Hosoi
Viktor Ashirov
: ZStream
Depends On: 1302823
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-19 01:05 EST by Jan Kurik
Modified: 2016-03-31 18:04 EDT (History)
7 users (show)

See Also:
Fixed In Version: 389-ds-base-1.3.4.0-27.el7
Doc Type: Bug Fix
Doc Text:
When a persistent search (psearch) was launched by a bind user without sufficient permissions, the access permissions object in cache previously failed to reset to point the initial pblock structure to the permanent structure. As a consequence, the ACL plug-in could crash the server due to a missing pblock object. This update ensures that the initial pblock object is reset to the permanent pblock and prevents the server from crashing in this situation.
Story Points: ---
Clone Of: 1302823
Environment:
Last Closed: 2016-03-31 18:04:44 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jan Kurik 2016-02-19 01:05:42 EST
This bug has been copied from bug #1302823 and has been proposed
to be backported to 7.2 z-stream (EUS).
Comment 5 Sankar Ramalingam 2016-03-10 05:54:48 EST
1). Enable memberOf plugin
[root@vm-idm-004 MMR_WINSYNC]# PORT="1189" ; ldapsearch -x -LLL -p $PORT -h localhost -D "cn=Directory Manager" -w Secret123 -b "cn=MemberOf Plugin,cn=plugins,cn=config" nsslapd-pluginEnabled
dn: cn=MemberOf Plugin,cn=plugins,cn=config
nsslapd-pluginEnabled: on

[root@vm-idm-004 MMR_WINSYNC]# PORT="1189" ; ldapsearch -x -LLL -p $PORT -h localhost -D "cn=Directory Manager" -w Secret123 -b "cn=MemberOf Plugin,cn=plugins,cn=config" memberofGroupattr
dn: cn=MemberOf Plugin,cn=plugins,cn=config
memberofGroupattr: member
memberofGroupattr: uniqueMember

2). Add about 2k users
[root@vm-idm-004 MMR_WINSYNC]# for PORT in `echo "1189"`; do Users=`ldapsearch -x -p $PORT -h localhost -D "cn=Directory Manager" -w Secret123 -b "dc=passsync,dc=com" |grep -i "dn: uid=*" |wc -l`; echo "User entries on PORT-$PORT is $Users"; done
User entries on PORT-1189 is 2016

3). Add 2k users to groups.
[root@vm-idm-004 MMR_WINSYNC]# ./AddEntry.sh Groups 1189 "ou=groups,dc=passsync,dc=com" grpcrashgrp 3 localhostNo of entries added will be 3
Adding 3 Groups to 
adding new entry "cn=grpcrashgrp3,ou=groups,dc=passsync,dc=com"

adding new entry "cn=grpcrashgrp2,ou=groups,dc=passsync,dc=com"

adding new entry "cn=grpcrashgrp1,ou=groups,dc=passsync,dc=com"

[root@vm-idm-004 MMR_WINSYNC]# PORT="1189"; ldapsearch -x -p $PORT -h localhost -D "cn=Directory Manager" -w Secret123 -b "cn=grpcrashgrp3,ou=groups,dc=passsync,dc=com" |grep -i uniqueMember | wc -l
2016


4). Run Psearch as a normal user
PORT=1189 ; /usr/lib64/mozldap/ldapsearch -r -p $PORT -h localhost -D "uid=sssssusr1,ou=people,dc=passsync,dc=com" -w Secret123 -b "dc=passsync,dc=com" -C ps:any objectclass=*


5). Run ldapmodify for the group entry and continue for an hour
[root@vm-idm-004 export]# ./bug_verify.sh 
Ldapmodify ran for about 1hr

[root@vm-idm-004 export]# cat bug_verify.sh 
#!/bin/sh

add_no=1 ; del_no=2 ; TimeNow=`date +"%-H%M"` ; After1Hour=`expr $TimeNow + 100` ; while [ $TimeNow -lt $After1Hour ]; do
ldapmodify -x -p 1189 -h localhost -D "cn=Directory Manager" -w Secret123 << EOF > /dev/null
dn: cn=grpcrashgrp3,ou=groups,dc=passsync,dc=com
changetype: modify
add: uniqueMember
uniqueMember: uid=newusr$add_no,ou=people,dc=passsync,dc=com
EOF
       
ldapmodify -x -p 1189 -h localhost -D "cn=Directory Manager" -w Secret123 << EOF > /dev/null
dn: cn=grpcrashgrp3,ou=groups,dc=passsync,dc=com
changetype: modify
delete: uniqueMember
uniqueMember: uid=oldusr$del_no,ou=people,dc=passsync,dc=com
EOF
  sleep 0.3 ; TimeNow=`date +"%-H%M"` ; del_no=`expr $del_no + 1`; add_no=`expr $add_no + 1`; done ; echo "Ldapmodify ran for about 1hr"

6). Check the status of slapd.
[root@vm-idm-004 ~]# systemctl restart dirsrv.target ; echo $?
0
[root@vm-idm-004 ~]# ps -eaf |grep -i ns-slapd > /dev/null; echo $?
0

Packages tested:
[root@vm-idm-004 ~]# rpm -qa |grep -i 389-ds
389-ds-base-devel-1.3.4.0-28.el7_2.x86_64
389-ds-base-debuginfo-1.3.4.0-28.el7_2.x86_64
389-ds-base-libs-1.3.4.0-28.el7_2.x86_64
389-ds-base-1.3.4.0-28.el7_2.x86_64


No crashes observed. Hence, marking the bug as Verified.
Comment 7 errata-xmlrpc 2016-03-31 18:04:44 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0550.html

Note You need to log in before you can comment on or make changes to this bug.